Malware from Pirated Software Costs Billions, Study Finds
Think you can afford to skimp on your software purchases? Microsoft disagrees.
A new report issued on behalf of the company claims the malware that often accompanies pirated and counterfeit software will cost the world an estimated $114 billion this year.
According to "The Dangerous World of Counterfeit and Pirated Software," a Microsoft-sponsored report compiled by Framingham, Mass., market-research firm International Data Corporation, consumers and businesses who opt out of buying legitimate software products run a high risk of malware infection.
"For consumers, it is not just lost time and money to fix the problem, but also the risk of lost data and identity theft," the report says. "For enterprises and governments, it is time and money better spent on other things, lost business and reputation from data breaches, and threats to critical infrastructure."
Running the risks
The report was partly based on tests of 533 Web-based sources of pirated software, including peer-to-peer (P2P) networks, download sites and pirated-software DVD markets.
The study found that 36 percent of downloads of pirated software lead to malware infection in the form of viruses, Trojan horses, keystroke-capturing software, authentication backdoors and spyware.
More than 2,000 people in 10 countries were interviewed, split almost evenly between consumers and business users.
For the purposes of the study, pirated software was defined as "improperly licensed or not licensed at all." Counterfeit software was defined as a subset of pirated software that is "deliberately presented as genuine when it is not."
The report also delves into the sketchy realm of pirated software CDs and DVDs. Thirty percent of the 155 pirated-software disks tested simply didn't work or contained the wrong files.
Of the 70 percent that did work, 15 percent contained malware that infected the testers' virtual PCs. Fourteen percent needed installation keys downloaded from the Web, and these resulted in yet more malware infections.
However, as the report noted, at least half of all Windows machines in the world are never fully patched.
Among the roughly 1,100 consumers surveyed, only 23 percent said they'd never had a problem with their computers after installing pirated software.
Nearly half said pirated software had slowed their machines to the point that the software had to be removed; 26 percent said they'd been infected by malware associated with pirated software.
An analysis of the pirated-software sources showed that nearly half of all illegitimate software can be downloaded from the Internet.
However, street vendors still hawk 21 percent of the world's pirated software. Sixteen percent of pirated software installed is borrowed from another user, such as a friend or employer.
A small but significant amount — about 7 percent — of pirated software came pre-installed on computers or was sold by stores selling computers.
Though the report lacks specific data as to who exactly is producing all of this illegitimate merchandise, the research does cite "individuals, small teams of hackers, giant shadowy enterprises like The Pirate Bay and major piracy syndicates" as sources of counterfeit and pirated software.
There was reportedly even a major Mexican drug cartel that sold pirated-software CDs stamped with its own logo.
The report included some caveats, especially when compared to a similar study IDC conducted in 2006.
The proportion of websites that tried to infect IDC's computers fell from 25 percent to 14 percent since the previous study; the proportion of CDs and DVDs containing malware fell from 33 percent to 14 percent.
"Street-market pirated software is getting better — more functional and cleaner — but also harder to find in more and more countries," the report said. "For instance, in 2006 there was no problem finding counterfeit CDs/DVDs in Russia; this time we didn't find enough to test."
The damage done by these products can be measured monetarily, according to IDC.
The report estimates that fixing the malware installed along with pirated software on individual and business PCs takes approximately 1.5 billion hours of maintenance.
From that estimate, IDC came up with a price tag of $114 billion as the total cost related to pirated software for individuals and enterprises across the globe.
The Microsoft-funded report concludes that those who choose to run counterfeit or pirated software have a one-in-three chance of inadvertently installing malware on their computers.
Despite the implied bias of a report sponsored by the biggest name in software, those who want to keep their data safe from scammers, hackers and other ne'er-do-wells should heed the company's warning to avoid software from illegitimate sources.
After all, even software that seems legitimate has been found to contain malware.
To avoid a malware-induced headache, always use anti-virus software to scan downloads and installation media prior to opening or installing files.