What are the Cybersecurity Threats from Software Piracy?
The growth of Internet of Things (IoT) devices has been explosive, as smart devices such as tablets, phones, and wearables become prevalent in more and more aspects of daily living and are used more often by employees for remote working. While these devices add flexibility and convenience, they also introduce loads of security concerns as personal and professional behaviors and activities collide on them. While workers may follow established security protocols and behaviors on their corporate machines, it is naïve to assume that they would behave the same way on their personal devices. Even if workers apply basic levels of security awareness to their behaviors on their personal devices, there is still likely to be a great chasm between the sophisticated security solutions employed by their employer and the antivirus app that they may (or may not) rely on to protect their tablet at home. It is probable that they downloaded the free version of that antivirus software, or maybe even a pirated version, and maybe a whole ton of other free and/or pirated things, which is certainly problematic.
A white paper aptly titled “The Link between Pirated Software and Cybersecurity Breaches: How Malware in Pirated Software is Costing the World Billions”1 notes that… pirated software is in fact costing the world billions. The study combined a forensic analysis of computers acquired in 11 countries, including the United States, with a survey of consumers, workers and IT professionals conducted in 15 countries, including the United States. Its concerning findings include:
- Consumers and enterprises have a 33% chance of encountering malware when they obtain and install a pirated software package or buy a PC with pirated software on it.
- The National University of Singapore forensic analysis of 203 PCs purchased in 11 countries with pirated software on them found 61% of those PCs infected with malware.
- Consumers will spend nearly $25 billion and waste 1.2 billion hours in 2014 dealing with security issues created by malware on pirated software.
- 43% of consumers don’t routinely install security updates on their computers.
- IDC estimated that enterprises would spend $491 billion in 2014 because of malware associated with pirated software, which breaks down into $127 billion for dealing with security issues and $364 billion for dealing with data breaches. Almost two-thirds of these enterprise losses, or $315 billion, will be the result of the activity of criminal organizations.
- Because of its large installed base of PCs and high piracy rate, the Asia Pacific region will incur more than 40% of worldwide consumer losses and more than 45% of enterprise losses.
Notably, this was a 2014 white paper focusing on PCs, which only scratches the surface of the IoT cybersecurity problem that we face today. The ease with which an individual can acquire pirated software on their personal devices means that organizations need to be vigilant about the means and methods that workers can use to access organizational resources, so that the first malware-laden cracked game that they download does not become your next data breach. Additionally, educating workers about the dangers of downloading pirated software or obtaining inexplicably inexpensive software and installing it on their personal devices can go a long way towards protecting both their personal and professional data. Some tips include using software security updates and antivirus software, looking for “trust marks”, researching seller feedback, being suspicious of software that looks inauthentic, and trusting their instincts about whether a given transaction might be saddled with malware. If they think it could be, it probably is.
1 National University of Singapore & IDC, 2014, “The Link between Pirated Software and Cybersecurity Breaches: How Malware in Pirated Software is Costing the World Billions”