Governments, consumers and companies are all victims of the increasing presence of malware. A new report highlights the link between malicious code and criminal organisations.

Malware: a Lucrative Channel for Cybercrime

Close to two thirds of all new computers sold are infected with malicious software, known as ‘malware’. This is the first striking finding of a report entitled ‘The Link Between Pirated Software and Cybersecurity Breaches’, drawn up jointly by the Microsoft Digital Crimes Unit, global market intelligence provider International Data Corporation (IDC), and the National University of Singapore (NUS). This year NUS research found over a hundred discrete threats, among them a virus that stops some security software from running properly and tries to download other files from a remote server, and a Trojan that creates a proxy server on an infected computer and may be used to relay spam email. Although the scourge of malware affects all user categories – individual consumers, company employees and government departments – few people seem aware of the link between malware and cybercrime. The researchers estimate that 65% of all consumers and 30% of enterprise customers buy computers from suspect sources rather than directly from named brand vendors or national chain stores.

Counting the cost

In 2014, enterprises will have to spend some $127 billion dealing with security issues arising from malware associated with pirated software – identification, repair and data recovery – the report predicts. To this sum must be added around $364 billion which is likely to be spent on dealing with data breaches. Close to two thirds of these losses – $315 billion – will be the result of the activity of criminal organisations, say the experts. Another disconcerting figure is that some 27% of company employees surveyed for the report have installed their own software on work PCs, which has resulted in close to 20% of pirated software in enterprises being installed by employees without their companies knowing. This revelation calls company security procedures put in place by IT departments strongly into question. Based on survey responses, the report’s authors calculate that more than 50% of end-user PCs are not protected by any effective audit. They further predict that in 2014 consumers will spend a total of $25 billion and waste 1.1 billion hours dealing with security issues arising from malware in pirated software.


The need to protect oneself

Consumers’ greatest fears as regards malware and cybercrime are loss of data files or personal information, online fraud, and hijacking of emails and social network content. However, close to half (43%) of all respondents do not help themselves to avoid problems by routinely installing security updates on their computers. Moreover, if the statistics in the report are accurate, governments have much to fear from pirated software and need to understand the dangers so as to protect themselves as effectively as possible.  However, government officials polled during the survey appear to have a poor understanding of the relationship between pirated software and malware. Government administrations are not exempt from these threats and the Microsoft/IDC/NUS researchers say they ought to be “quite worried”. However, almost half of the government officials worldwide responding to the poll say that their department or agency has set up an educational programme addressing the security threats from pirated software.