How Software Piracy Increases Security Risks

This isn't surprising but it's bound to inflame some people: an analysis of malware infections by Microsoft suggests that regions with a pronounced level of software piracy are also more likely to suffer from higher levels of computer security problems.

Ship picture from Shutterstock

The report tracked infections between January and June last year that were detected by Microsoft's Malicious Software Removal Tool. The measurement metric used is the impressive-sounding if unpleasantly imperial "computers cleaned per mile", or CCM. CCM ratings turned out to be much lower in countries which also had higher levels of software piracy. As the report explains:

The implications of this observation are complex. Countries that do a better job managing cybersecurity may also do a better job mitigating piracy, or countries with higher piracy rates may have a more difficult time containing malware and other cyber threats. This is a topic for further research, but we found the relationship between piracy rates and CCM scores compelling enough to highlight here.

One possible obvious reason for the correlation in that some computer users will try and download cracked commercial software rather than paying for it. That tendency can easily be exploited by malware authors, who can set up fake free copies of Photoshop/Office/Skyrim that people will download. That also tends to circumvent any existing systems (such as Windows User Access Control or security software) which track executable downloads, since the user will willingly click through any warning dialogues.

If individuals want to be stupid and greedy, they'll pay the price. In a work environment, blocking the ability to run any installers will eliminate this particular possibility. Basic, but effective.

Understanding the impact of piracy on cybersecurity [Malware Protection Center]


Comments

    Correlation doesn't equate to causation. Just like how ice cream consumption is correlated to incidents of riots, doesn't mean that ice cream is the cause of the riots.

      This. Angus, I'm disappointed. You should know correlation is only a supporting statistic - it's useless on its own. The report even says there are many possible causes and further research would be needed. You really should change the title of this article to something that's not outright dishonest.

      Is ice cream consumption really correlated to incidents of riots?

      Makes sense though.

        Apparently so. People don't tend to riot in middle of winter (i.e. too cold to be outside). So statistically, riots tend to happen in the warmer time of year, which is the time that people like to eat ice creams.

          Anything that occurs at the same time is correlated, even if unrelated. My favorite is the strong correlation between the decrease in Pirate attacks since the 1700s and the increase in diagnosed cases of depression.

            It makes me sad that there are fewer pirate these days.

      Just going to say this very thing, but my example was going to be ice cream and shark attacks are correlated.

        LOL, sounds like ice cream is the root of all evil.

    "If individuals want to be stupid and greedy, they’ll pay the price."

    I agree it is stupid to download software from an untrusted source and install it on your computer.

    However to paint all people who do this as greedy is not fair, especially not from your comfortable perspective as a westerner. Take for instance an indian student who can only just afford an old second hand PC for $100, is it greedy for him to pirate a $600 programme that he needs to get his education? And before you call it theft, it is patently not theft, theft would involve an unlawful transfer of property from one to another whereas this is not so black and white ( and a much larger discussion).

    I wouldn't call it greed, I would call that trying to live.

      I wouldn't call him greedy but it opens a larger discussion of; Should someone be allowed to steal something or have a sense of entitlement to something because they want it or at a stretch 'need' it.

      Student A wants to be a 3D artist and somehow believes he is entitled to pirate the software because he 'needs' it and spent all of his money on his PC?

      What if he stole that PC because he owned a legitimate copy of the software?

      Education is never free, at a very base level it costs time to the educator. Although based on what they pay teachers you might think education was cheap.

      Try tell that to the Developer of the software, the poor indian student pirates from. "I'm sorry you spent years of coding and developing this program, but think of the great deed you are doing for my education that i pirate your software" . I doubt you would find many who would agree to that. You know what i got told when i wanted something i couldnt afford but needed it. That's Life, you cant afford it, find a alternative.

      Also the videographer who does wedding videos and spends the $1000.00 on his video editing software, expensive but something he needs to do to make his videos professional. Then comes along the guy who is also a videographer but pirates the Editing software as he is in the same position, cant really afford but needs it. Should these two guys be treated as equal.

      Theft can be justified endlessly, but this is one of the poorer examples I've seen. Try harder.

        Please enlighten me then Juice.

          Enlighten you about what, Daveo? (Given I wasn't replying to you, I just want to know what you want to know.)

    I remember a comedy segment that I heard on the radio years ago, when those "you wouldn't steal a car, you wouldn't steal a movie" ads first started appearing which summed it up pretty well I thought.

    The ads are correct: you wouldn't steal a car, but if a friend came up to you and said, "Hey want me to burn you a copy of my (insert awesome car here)" would you say no?

      They were amusing. Though it is a comment on society that the answer would be "Yes, I would" If it was a 'faceless' and 'harmless' crime without any fear of being reprimanded or even caught for committing it.

      And I agree, this story, it's title and conclusions are poor at best.

      Yeah, I wouldnt steal a car, but I'd damn well download a Ferrari if I could.

      With 3D Printers, I would sure as hell pirate a Porche and print that shit out

    People who pirate software tend not to keep up with security updates - the pirated versions available are rarely the very latest, and often the official 'security fix' download channel isn't useable.

    Lack of security updates == more known exploits remaining unfixed == much more vulnerable computers. There's still a surprising number of XP machines out there that haven't been patched since 2006 because of WGA.

Join the discussion!

Trending Stories Right Now