Bargain or trouble: Cybercrime and non-genuine software

Geoff Spencer

Digital Content Editor, Microsoft Asia

Posted

Pirated software. Okay, it’s not the real thing, but it is cheap. And, that’s tempting, right?  Well, listen to Biplab Sikdar of the National University of Singapore (NUS). He has three words of expert advice: “Don’t do it!”

People, he explains, may think they are getting a bargain when in fact they are buying trouble, and possibly big trouble.

That is because cybercriminals – who have never been so adept at inflicting harm – are routinely infusing non-genuine software with all sorts of malware: trojans, worms, viruses, ransomware, backdoors, spyware, droppers, injectors, adware and so on.

A NUS researcher investigating a website that offers pirated software downloads.

They can do a whole lot of damage in this digital age. They might steal your data, your identity, and even your credit card details and savings. They might spy on your online activities, gain access to your files, and hack and manipulate your PC, leading it into even more peril. Most types of malware can be hard to detect and difficult to get rid of. And with time, the malware strains can multiply and become more sophisticated, dangerous, and highly targeted.

Sikdar sharing the dangers of downloading and using pirated software.

Downloading from a pirated disc or dodgy website opens a door to cybercriminals. Infected computers at home and work, Sikdar says, can be “turned into bots, zombies and then none of your personal information is secret anymore”.

Sikdar, who is an Associate Professor from the Department of Electrical and Computer Engineering at the NUS Faculty of Engineering, recently led a team of graduate students who set out to understand the scope of the problem in Asia – which has some of the highest pirated software usage rates in the world.  They scanned 458 pieces of non-genuine software and suspect websites in eight Asia Pacific countries – Malaysia, Indonesia, Thailand, Vietnam, Sri Lanka, Bangladesh, South Korea, and Philippines.

Infected computers at home and work, Sikdar says, can be “turned into bots, zombies and then none of your personal information is secret anymore”.

Their findings were staggering and disturbing.

The study, which was commissioned by Microsoft, discovered that 100% of the websites that host links to pirated software expose users to multiple security risks. Out of 165 CD and DVD samples, 61% carried malware. It even found that many new computers were at risk with non-genuine software pre-loaded – often as a “sweetener” thrown in by retailers wanting to make a sale. Of the new PCs sampled, 92% were infected.

“One of the (types of) malware we found was really dangerous,” says Rahul Singh Chauhan, who is studying for a master’s degree in computer science. “It could change the homepage of the browser. It could redirect you to a different unsafe website on its own.”

Fellow student Ramkumar Rajendran was equally agog at the pervasiveness of the problem. “Even normal pirated software had a lot of malware. It was surprising that basic software can be so harmful to your system,” he says.

Click here to view whitepaper

A new whitepaper report – “Cybersecurity Risks from Non-Genuine Software” – based on the NUS study found that the popularity of online downloading has brought scale to the activities of cybercriminals who “can now attack anybody, anywhere, anytime”.

According to the whitepaper report, “The cybercriminals/hackers are also able to hide their identities and camouflage their criminal activities, making them capable of undertaking more malicious attacks, without being investigated and prosecuted.”

Years ago, the issue of pirated software was fought to protect intellectual copyright. Now the focus is on malware and very much on protecting the global digital ecosystem at risk from cybercriminals who have built massive and lucrative illicit operations worth billions of dollars.

The report says the best defense against the malware risks associated with pirated software is safer online practices. Users need to be aware of serious security risks from piracy. They should use only current and up-to-date genuine software. And, it helps to install robust anti-virus software and conduct regular IT health checks to monitor threats.

Mary Jo Schrade, Assistant General Counsel and Regional Director of Microsoft’s Digital Crimes Unit in Asia, says the risks of using pirated software can impact the overall safety and security of individuals and businesses and this “is something we at Microsoft care about a lot.”

She also has some simple, down-to-earth advice about buying software: “If a price looks too good to be true, think twice about the risks“.