Malware in counterfeit software to cost business $114bn in 2013

Dealing with malware in counterfeit software will cost global enterprises an estimated $114bn in 2013, says research firm IDC

Dealing with malware in counterfeit software will cost global enterprises an estimated $114bn in 2013, says research firm IDC.

The potential losses from data breaches could reach nearly $350bn, according to a study of the dangers of pirated and counterfeit software, commissioned by Microsoft.

The study polled more than 900 business users, 200 IT managers and 1,000 consumers in 10 countries, including the UK, and analysed 270 websites and peer-to-peer (P2P) networks, 108 software downloads and 155 CDs or DVDs.

Researchers said "pirated software" refers to software that is improperly or not licensed while "counterfeit software" refers to software that is deliberately presented as genuine when it is not.

Embedding malware in counterfeit software is an increasingly popular way for cyber criminals to infect the computers of unsuspecting consumers and businesses.

The study found consumers will spend 1.5 billion hours and $22bn identifying, repairing and recovering from the impact of malware in counterfeit software.

Researchers said although some computer users may actively seek pirated software to save money, the chances of infection by unexpected malware are one in three for consumers and three in 10 for businesses.

Researchers found that of counterfeit software that does not come with the computer, 45% comes from the internet and 78% of this software downloaded from websites or P2P networks, included some type of spyware, while 36% contained Trojans and adware.

“The cyber crime reality is that counterfeiters are tampering with the software code and lacing it with malware,” said David Finn, associate general counsel in the Microsoft Cybercrime Center.

Read more on counterfeit software:

“Some of this malware records a person’s every keystroke — allowing cyber criminals to steal a victim’s personal and financial information — or remotely switches on an infected computer’s microphone and video camera, giving cyber criminals eyes and ears in boardrooms and living rooms.

“The best way to secure yourself and your property from these malware threats when you buy a computer is to demand genuine software,” said Finn.

Insecure software is also often introduced into the corporate environment by end-users, but with only 38% of IT managers acknowledging the problem and 57% of workers admitting to doing it, for many enterprises, user-installed software may be a blind spot in ensuring a secure network, the report said.

The study also found that 64% of people that respondents knew had used counterfeit software experienced security issues and 45% of the time, counterfeit software slowed their PCs, and the software had to be uninstalled.

Nearly half of respondents said their greatest concern with using counterfeit software was data loss while 29% were most concerned with identity theft, the study said.

“Our research is unequivocal: inherent dangers lurk for consumers and businesses that take a chance on counterfeit software,” said John Gantz, chief researcher at IDC.

“Some people choose counterfeit to save money, but this ‘ride-along’ malware ends up putting a financial and emotional strain on both the enterprise and casual computer users alike,” he said.

Read more on Application security and coding requirements