Organised crime costs over $315bn annually
Enterprises worldwide are expected to spend nearly $500 billion in 2014 to deal with issues caused by malware deliberately loaded onto pirated software — $127 billion dealing with security issues, of which $8 billion accrues from the Middle East and Africa, and $364 billion dealing with data breaches — according to a new joint study conducted by IDC and the National University of Singapore (NUS). Global consumers, on the other hand, are expected to spend $25 billion, including Middle East and African consumers who will pay $2 billion, on security threats and costly computer fixes stemming from malware on pirated software. This will also amount to 1.2 billion hours of wasted time in 2014.
The study, titled “The Link Between Pirated Software and Cybersecurity Breaches,” also revealed that 60 percent of consumers surveyed say their greatest fear from infected software is the loss of data, files or personal information, followed by unauthorized Internet transactions (51 percent) and hijacking of email, social networking and bank accounts (50 percent). However, 43 percent of those same respondents do not install security updates, leaving their computers open to attack by cybercriminals.
“There is now a firm link between the detected malware on illicit software and criminal organizations, for whom malware in pirated software can be a lucrative vector for cyberattacks. With many of these criminal organisations also behind the distribution of infected software, it means that an increase in software piracy translates to an increased vulnerability to cyber attacks,” says Daniel Kamau, Microsoft’s Anti-piracy Lead for sub-Saharan Africa. “In the region the internet population is fast growing, meaning a large and unsuspecting base of targets to cybercriminals. Combine this with the lack of strong cybercrime laws and high piracy rate on the continent and its clear why we’re seeing more and more people fall victim to attacks.”
Government officials expressed concern about the potential impact of cybersecurity threats to their nations. According to the survey, governments are most worried about the loss of business trade secrets or competitive information (59 percent), unauthorized access to confidential government information (55 percent), and the impact of cyberattacks on critical infrastructure (55 percent). It is estimated that governments could lose more than $50 billion to deal with the costs associated with malware on pirated software.
The African continent accounts for only 2 percent of global GDP, yet it accounts for 10 percent of global cybercrime incidents. Across the continent, governments are increasingly partnering with local associations and vendors to combat the scourge of piracy and the associated risk of cybercrime. In Kenya for example, Microsoft has already partnered with the Kenya Copyright Board to combat piracy, which according to the 2011 BSA Global Software Piracy Study, currently sits at 83% across the East and Southern Africa region.
"The Kenyan Copyright Act which was last amended in 2013 clearly sets out exclusive rights for rights holders and penalties for those who infringe on copyright and related rights. Research has shown that it is not only important to protect this type of innovation, but also to highlight the risks associated with using unauthorised software. These include exposing yourself and your business to potential malware infections, a loss of data and even cybercrime incidents, " says Marisella Ouma, Executive Director of the Kenya Copyright Board.
“Cybercriminals are profiting from any security lapse they can find, with financially devastating results for everyone,” said David Finn, executive director and associate general counsel, Microsoft Cybercrime Center. “Motivated by money, they’ve found new ways to break into computer networks so they can grab whatever they want: your identity, your passwords and your money. That’s why at the Microsoft Cybercrime Center, we’re focused on putting an end to these malicious acts to keep personal and financial data safe and secure, while reducing the financial incentive for criminals.”
The study was released today as part of Microsoft’s “Play It Safe” campaign, a global initiative to create greater awareness of the connection between malware and piracy.
Additional highlights from the survey include the following:
- Nearly two-thirds of enterprise losses ($315 billion) will be at the hands of organized criminals.
- Nearly 20 percent of the pirated software in enterprises is installed by employees.
- Twenty-eight percent of enterprise respondents reported security breaches causing network, computer or website outages occurring every few months or more; 65 percent of those outages involved malware on end-user computers.
“Using pirated software is like walking through a field of landmines: You don’t know when you’ll come upon something nasty, but if you do it can be very destructive,” said John Gantz, chief researcher at IDC. “The financial hazards are considerable, and the potential losses could leave once-profitable businesses on shaky ground. Buying legitimate software is less expensive in the long run — at least you know that you won’t get anything ‘extra’ in the form of malware.”
The NUS forensics analysis of 203 new PCs loaded with pirated software found that a staggering 61 percent of the PCs were pre-infected with unsafe malware, including Trojans, worms, viruses, hacktools, rootkits and adware. These PCs, purchased through resellers and PC shops in 11 markets, included more than 100 discrete threats.
“It is hugely concerning that brand new PCs are coming pre-infected with dangerous malware due to pirated software, making the users and companies readily vulnerable to security breaches,” said Professor Biplab Sikdar, Department of Electrical & Computer Engineering, National University of Singapore. “The university’s forensic tests clearly indicate how cybercriminals are increasingly leveraging the unsecure supply chain of piracy to spread malware and compromise PC security in a serious way. We would only recommend usage of genuine software for online safety and cybersecurity.”
The global study surveyed 1,700 consumers, IT workers, chief information officers, and government officials in Brazil, China, France, Germany, India, Indonesia, Japan, Mexico, Poland, Russia, Singapore, Ukraine, the United Kingdom, and the United States, and analyzed 203 computers acquired in Brazil, China, India, Indonesia, Mexico, Russia, South Korea, Thailand, Turkey, Ukraine, and the United States. This year’s research is an extension of IDC’s 2013 study, “The Dangerous World of Counterfeit and Pirated Software,” differentiated by the attitude of government officials as well as the analysis of new markets, making the economic connection to cybercrime.
Whether an individual user, a small business, enterprise or even a government institution, all are encouraged to buy new computers from reputable sources to ensure they receive genuine software. Microsoft is committed to protecting its unsuspecting consumers from downloading or purchasing non-genuine software that exposes victims to malware that can lead to identity theft, loss of data and system failures.
More information about the IDC study is available at the Microsoft Play It Safe website, http://www.play-it-safe.net