19:59 | 21/06/2017 Information Technology
The National University of Singapore (NUS) Faculty of Engineering today released the results of its new study, “Cybersecurity Risks from Non-Genuine Software”, which found that cybercriminals are compromising computers by embedding malware in pirated software and the online channels that offer them. The study was commissioned by Microsoft.
Keshav Dhakad, Assistant General Counsel & Regional Director, Digital Crimes Unit (DCU), Microsoft Asia
The study, which aims to quantify the link between software piracy and malware infections in Asia Pacific, discovered that 100% of the websites that host pirated software download links expose users to multiple security risks, including advertisements with malicious programs. Among other findings, it also found that 92% of new computers installed with non-genuine software are infected with dangerous malware.
“The study’s findings all point to the fact that uncontrolled and malicious sources of pirated software, particularly on the Internet, are being converted into effective means of spreading malware infections. And what we would like to achieve with this report is to help users recognize that the personal and business risks and financial costs are always much higher than any perceived costs they save from using non-genuine software,” said Associate Professor Biplab Sikdar from the Department of Electrical & Computer Engineering at NUS Faculty of Engineering, who led the study.
Pirated Software is a Major Source for Malware Infections
Software piracy is a recognized global problem and three in five personal computers (PCs) in Asia Pacific were found to be using non-genuine software in 2016. However, using pirated software exposes users to a plethora of cyber threats.
“Hackers and organized cybercriminals today are adept at exploiting information technology vulnerabilities and human errors to compromise computers for malicious and financial gains at the expense of organizations and individuals. Cybercrime is predicted to cost the global economy an estimated US$6 trillion by 2021”, said Keshav Dhakad, Assistant General Counsel & Regional Director, Digital Crimes Unit (DCU), Microsoft Asia.
“While cybersecurity defenses continue to evolve, users are slow at adapting, whereas cybercriminals are constantly advancing their attack vectors (malware strains) and delivery mechanisms. Piracy of software is increasingly becoming a key vehicle for cybercriminals to exploit computer vulnerabilities and breach security measures with ease.”
Key Insights from the Cybersecurity Risks from Non-Genuine Software Report
The new study analyzed 90 new laptops and computers as well as 165 software CDs/DVDs with pirated software. The samples were randomly purchased from vendors that are known to sell pirated software from across eight countries in Asia - Malaysia, Indonesia, Thailand, Vietnam, Sri Lanka, Bangladesh, South Korea, and Philippines.
Researchers also examined 203 copies of pirated software downloaded from the Internet. This aligns with the trend where software is increasingly being acquired through online download channels. Each of these samples was thoroughly investigated for the presence of malware infections using seven anti-malware engines – AVG AntiVirus, BitDefender Total Security, IKARUS anti.virus, Kaspersky Anti-Virus, McAfee Total Protection, Norton Security Standard, and Windows Defender.
Here are some key insights from the study:
One of the most alarming insights from this report is the multitude of risks that users are exposed to when they visit websites that offer pirated software downloads. The study found that 100% of tested torrent hosting websites opened with multiple popup windows with suspicious advertisements. Many of these contain links that download malware when clicked or show objectionable content such as pornography.
In addition, the researchers encountered the following risks and suspicious behaviors when downloading and installing pirated software found on peer-to-peer networks:
The study found that 92% of new and unused computers that had pirated software installed were pre-infected with malware. These computer samples were purchased from vendors that are known to sell non-genuine software.
The presence of malware in these computers is concerning as end-users expect these devices to be risk free. They might be less vigilant in checking for cyber threats and monitoring for suspicious activities that may alert them that their computer has been compromised.
A researcher sorting the CD and DVD samples acquired for this study
Out of the 165 DVD and CD samples acquired for this report, three in five (61%) contained malware. Infected discs contained an average of five malicious programs. In some cases, as many as 38 malware instances were found on just one DVD.
The researchers also observed that a number of pirated anti-virus programs were embedded with malware. Using these compromised, non-genuine security programs not only infects the computer, but also lulls users into a sense of complacency, which may lead to further exploitation of the computers and the users’ data and information.
The study found close to 200 malware strains in all the samples. Among those, Trojans were the most common category of high-risk cyber threats encountered, with a total of 79 unique Trojan malware strains. They also comprise 51% of all malware found embedded in downloaded pirated software. While Trojans usually depend on social engineering to trick or mislead users into executing them, bundling them with pirated software makes it easier for cybercriminals to compromise PCs. Once a Trojan is active on an infected computer, it installs a backdoor for hackers to access and command the device. This allows cybercriminals to steal confidential information, modify firewall settings, and delete or encrypt data.
An enormous range of worms, viruses and droppers, which were created for stealing information and taking control of their host computers, was also found in the samples. These malicious programs can replicate without human intervention and have the capability to spread more rapidly.
“Pirated software are effective malware carriers as cybercriminals are able to tamper with the programs and embed malicious programs with files that autorun or are used for setup. This greatly increases the likelihood of the malware being executed on the computers and spread further in the network,” said Assoc Prof Biplab.
“Although the risk of contracting malware through all sources of pirated software is high, the online medium is turning out to be a more potent infection vector. It not only provides cybercriminals with the scale to attack anybody, anywhere, anytime, it also allows them to easily camouflage their malicious activities and attack remotely. This makes them harder to be detected and stopped.”
Pirated software remains a lucrative revenue stream for many cybercriminals and unscrupulous vendors. The Asia Pacific commercial market of non-genuine software hit a high of US$19 billion in 2016.
The most effective defense against malware from pirated software is to use genuine software products. Consumers and small businesses can further protect themselves from pirated and counterfeit software as well as malware with the following best practices.
For enterprises and government organizations, there are also several recommendations they can consider to build a stronger IT security ecosystem.
“Organizations need to recognize that cybersecurity is no longer just a protector of online assets, it is also a critical business enabler. The KPMG 2017 CEO Outlook survey found that a significant proportion of CEOs (71%) saw their investment in cyber as an opportunity to find new revenue streams and innovate, rather than as an overhead cost,” said Daryl Pereira, Head of Cyber Security, KPMG in Singapore.
“However, cybersecurity vulnerability is at an all-time high – the 2017 Harvey Nash/KPMG CIO Survey found that a third of IT leaders’ organizations (32%) had been subject to a major cyber-attack in the past 24 months. Establishing a solid foundation for cyber-hygiene is vital to the success of any digital transformation journey. For example, organizations need to embed “security by design” into their business processes and product designs right from the outset, and staff must be trained to recognize malware attacks and the need to use trusted software platforms. Without a “cybersecurity-ready” mindset becoming part of your business DNA, it will be challenging for any company to innovate and stay relevant in today’s digital age.”