· All of tested torrent hosting websites opened with multiple popup windows with suspicious advertisement
· A third (34%) of downloaded pirated software came bundled with malware that infects the computer once the download is complete, or when the folder containing the pirated software is opened.
· Nearly all (92%) of new and unused computers that had pirated software installed were also infected with malware.
· Infected CDs and DVDs with pirated software contained an average of five malware strains, with some going as high as 38 malware instances.
The National University of Singapore (NUS) Faculty of Engineering has released the results of its new study, Cybersecurity Risks from Non-Genuine Software, which found that cybercriminals are compromising computers by embedding malware in pirated software and the online channels that offer them. The study was commissioned by Microsoft.
With the Asia Pacific commercial market of non-genuine software worth US$19 billion in 2016* the research aimed to quantify the link between software piracy and malware infections in Asia Pacific. "At one point (software piracy) was just about violation of intellectual property, poor performance, losses in taxes," Keshav Dhakad, Assistant General Counsel & Regional Director, Digital Crimes Unit (DCU), Microsoft Asia said. "Now it is about what it leads to."
Dhakad noted that piracy used to be considered an economic issue. "Those days are gone by. Today the government needs to see that citizen security, the data of citizens, the data of the businesses, are all related to (national) security," he said, pointing out that economic and political crises as well as geopolitical conflicts can even be caused through security breaches now. "These attackers are not coming by air or land or sea. They attack you from anywhere. Governments have to play a critical role. They have to protect citizens, they have to protect businesses and they have to protect the government themselves."
The report discovered that 100% of the websites that host pirated software download links expose users to multiple security risks, including advertisements with malicious programs. Among other findings, it also found that 92% of new computers installed with non-genuine software are infected with dangerous malware.
“The study’s findings all point to the fact that uncontrolled and malicious sources of pirated software, particularly on the Internet, are being converted into effective means of spreading malware infections. And what we would like to achieve with this report is to help users recognize that the personal and business risks and financial costs are always much higher than any perceived costs they save from using non-genuine software,” said Associate Professor Biplab Sikdar from the Department of Electrical & Computer Engineering at NUS Faculty of Engineering, who led the study.
Software piracy is a recognised global problem and three in five personal computers (PCs) in Asia Pacific were found to be using non-genuine software in 2016*. While pirated software may cost less than buying the genuine article, it also exposes users to a plethora of cyber threats.
“Hackers and organised cybercriminals today are adept at exploiting information technology vulnerabilities and human errors to compromise computers for malicious and financial gains at the expense of organisations and individuals. Cybercrime is predicted to cost the global economy an estimated US$6 trillion by 2021**,” said Dhakad.
“While cybersecurity defenses continue to evolve, users are slow at adapting, whereas cybercriminals are constantly advancing their attack vectors (malware strains) and delivery mechanisms. Piracy of software is increasingly becoming a key vehicle for cybercriminals to exploit computer vulnerabilities and breach security measures with ease.”
The new study analysed 90 new laptops and computers as well as 165 software CDs/DVDs with pirated software. The samples were randomly purchased from vendors that are known to sell pirated software from across eight countries in Asia - Malaysia, Indonesia, Thailand, Vietnam, Sri Lanka, Bangladesh, South Korea, and Philippines, and included operating systems, games, Adobe products, and antivirus software. While the study was conducted in Singapore, samples were not purchased locally as they are relatively rare here, Dhakad said.
Researchers also examined 203 copies of pirated software downloaded from the Internet that were downloaded from Bit Torrent. This aligns with the trend where software is increasingly being acquired through online downloads channels, and the findings are relevant globally.
Each of these samples was thoroughly investigated for the presence of malware infections using seven different antimalware engines – AVG AntiVirus, BitDefender Total Security, IKARUS anti.virus, Kaspersky Anti-Virus, McAfee Total Protection, Norton Security Standard, and Windows Defender, as each engine did not necessarily detect the same malware.
Some key insights from the study:
The study found that 100% of tested torrent hosting websites opened with multiple popup windows with suspicious advertisements. Many of these contain links that download malware when clicked, or which show objectionable content such as pornography. Some of the popups could not be closed by clicking on an 'x' in the corner as is the usual practice, while others made misleading claims in order to get the user to click on included links.
In addition, the researchers encountered the following risks and suspicious behaviours when downloading and installing pirated software found on peer-to-peer networks:
· A third (34%) of the downloaded pirated software came bundled with malware that infect the computer once the download is complete or when the folder containing the pirated software is opened.
· A third (31%) of the downloaded pirated software did not complete installation, which suggests other motives behind their presence on torrent hosting websites. These misleading torrents either tricked users into downloading malicious programs or are used to increase the traffic to the torrent hosting sites so as to subject the visitor to malware and unwanted advertisements.
· A quarter (24%) of the malicious programs bundled with the pirated software downloads deactivated the antimalware software running on the computer. Once the antimalware engine is blocked, the downloaded malware installs itself on the computer.
· Two in 10 (18%) of these installations prompt users to change default settings on browsers and install add-on toolbars during installation. These changes to the browser settings lead to new home pages and a new default search engine as well as unwanted toolbars.
· One in 10 (12%) of these installations require users to contact additional websites to complete the process. This is often portrayed as further steps to obtain the license keys or “cracks” needed to activate the pirated software, and they can lead to more popups and additional malware exposure.
The study found that 92% of new and unused computers that had pirated software installed were pre-infected with malware. These computer samples were purchased from vendors that are known to sell non-genuine software. The presence of malware in these computers is concerning as end-users expect these new devices to be risk-free.
Out of the 165 DVDs and CDs samples acquired for this report, three in five (61%) contained malware. Infected discs contained an average of five malicious programs. In some cases, as many as 38 malware instances were found on a single DVD.
The researchers also observed that a number of pirated antivirus software programs were embedded with malware. Using these compromised, non-genuine security programs not only infect the computer, but also lull users into a sense of complacency, which may lead to further exploitation of the computers and the users’ data and information.
The study found close to 200 malware strains in all the samples. Among those, Trojans were the most common category of high-risk cyber threats encountered, with a total of 79 unique Trojans malware strains. They also comprise 51% of all malware found embedded in downloaded pirated software. While Trojans usually depend on social engineering to trick or mislead users into executing them, bundling them with pirated software makes it easier for cybercriminals to compromise PCs. Once a Trojan is active on an infected computer, it installs a backdoor for hackers to access and command the device. This allows cybercriminals to steal confidential information, modify firewall settings, and delete or encrypt data.
An enormous range of worms, viruses and droppers, which were created for stealing information and taking control of their host computers were also found in the samples. These malicious programs can replicate without human intervention and have the capability to spread more rapidly.
“Pirated software are effective malware carriers as cybercriminals are able to tamper the programs and embed malicious programs with files that autorun or are used for setup. This greatly increases the likelihood of the malware being executed on the computers and spread further in the network,” said Associate Professor Biplab.
“Although the risk of contracting malware through all sources of pirated software is high, the online medium is turning out to be a more potent infection vector. It not only provides cybercriminals with the scale to attack anybody, anywhere, anytime, it also allows them to easily camouflage their malicious activities and attack remotely. This makes them harder to be detected and stopped.”
The most effective defense against malware from pirated software is to use genuine software products. Consumers and small businesses can further protect themselves from pirated and counterfeit software as well as malware with the following best practices:
· Source and buy your computers and laptops from reputable vendors.
· Always insist on genuine software from your vendors and opt for computers which come preinstalled with genuine software by hardware manufacturers.
· When purchasing a computer, always request for an invoice which clearly calls out the software title and version which has been installed on the machine.
· Keep your software current with latest product updates and security patches, and strengthen your security posture by installing strong antivirus software.
· Do not use old operating systems such as Windows XP which have reached their end of life.
For enterprises and government organisations, Microsoft recommends:
· A third (34%) of downloaded pirated software came bundled with malware that infects the computer once the download is complete, or when the folder containing the pirated software is opened.
· Nearly all (92%) of new and unused computers that had pirated software installed were also infected with malware.
· Infected CDs and DVDs with pirated software contained an average of five malware strains, with some going as high as 38 malware instances.
 |
| Associate Professor Biplab Sikdar from the Department of Electrical & Computer Engineering at NUS Faculty of Engineering. |
The National University of Singapore (NUS) Faculty of Engineering has released the results of its new study, Cybersecurity Risks from Non-Genuine Software, which found that cybercriminals are compromising computers by embedding malware in pirated software and the online channels that offer them. The study was commissioned by Microsoft.
With the Asia Pacific commercial market of non-genuine software worth US$19 billion in 2016* the research aimed to quantify the link between software piracy and malware infections in Asia Pacific. "At one point (software piracy) was just about violation of intellectual property, poor performance, losses in taxes," Keshav Dhakad, Assistant General Counsel & Regional Director, Digital Crimes Unit (DCU), Microsoft Asia said. "Now it is about what it leads to."
Dhakad noted that piracy used to be considered an economic issue. "Those days are gone by. Today the government needs to see that citizen security, the data of citizens, the data of the businesses, are all related to (national) security," he said, pointing out that economic and political crises as well as geopolitical conflicts can even be caused through security breaches now. "These attackers are not coming by air or land or sea. They attack you from anywhere. Governments have to play a critical role. They have to protect citizens, they have to protect businesses and they have to protect the government themselves."
The report discovered that 100% of the websites that host pirated software download links expose users to multiple security risks, including advertisements with malicious programs. Among other findings, it also found that 92% of new computers installed with non-genuine software are infected with dangerous malware.
“The study’s findings all point to the fact that uncontrolled and malicious sources of pirated software, particularly on the Internet, are being converted into effective means of spreading malware infections. And what we would like to achieve with this report is to help users recognize that the personal and business risks and financial costs are always much higher than any perceived costs they save from using non-genuine software,” said Associate Professor Biplab Sikdar from the Department of Electrical & Computer Engineering at NUS Faculty of Engineering, who led the study.
Software piracy is a recognised global problem and three in five personal computers (PCs) in Asia Pacific were found to be using non-genuine software in 2016*. While pirated software may cost less than buying the genuine article, it also exposes users to a plethora of cyber threats.
“Hackers and organised cybercriminals today are adept at exploiting information technology vulnerabilities and human errors to compromise computers for malicious and financial gains at the expense of organisations and individuals. Cybercrime is predicted to cost the global economy an estimated US$6 trillion by 2021**,” said Dhakad.
“While cybersecurity defenses continue to evolve, users are slow at adapting, whereas cybercriminals are constantly advancing their attack vectors (malware strains) and delivery mechanisms. Piracy of software is increasingly becoming a key vehicle for cybercriminals to exploit computer vulnerabilities and breach security measures with ease.”
The new study analysed 90 new laptops and computers as well as 165 software CDs/DVDs with pirated software. The samples were randomly purchased from vendors that are known to sell pirated software from across eight countries in Asia - Malaysia, Indonesia, Thailand, Vietnam, Sri Lanka, Bangladesh, South Korea, and Philippines, and included operating systems, games, Adobe products, and antivirus software. While the study was conducted in Singapore, samples were not purchased locally as they are relatively rare here, Dhakad said.
Researchers also examined 203 copies of pirated software downloaded from the Internet that were downloaded from Bit Torrent. This aligns with the trend where software is increasingly being acquired through online downloads channels, and the findings are relevant globally.
Each of these samples was thoroughly investigated for the presence of malware infections using seven different antimalware engines – AVG AntiVirus, BitDefender Total Security, IKARUS anti.virus, Kaspersky Anti-Virus, McAfee Total Protection, Norton Security Standard, and Windows Defender, as each engine did not necessarily detect the same malware.
Some key insights from the study:
The study found that 100% of tested torrent hosting websites opened with multiple popup windows with suspicious advertisements. Many of these contain links that download malware when clicked, or which show objectionable content such as pornography. Some of the popups could not be closed by clicking on an 'x' in the corner as is the usual practice, while others made misleading claims in order to get the user to click on included links.
In addition, the researchers encountered the following risks and suspicious behaviours when downloading and installing pirated software found on peer-to-peer networks:
· A third (34%) of the downloaded pirated software came bundled with malware that infect the computer once the download is complete or when the folder containing the pirated software is opened.
· A third (31%) of the downloaded pirated software did not complete installation, which suggests other motives behind their presence on torrent hosting websites. These misleading torrents either tricked users into downloading malicious programs or are used to increase the traffic to the torrent hosting sites so as to subject the visitor to malware and unwanted advertisements.
· A quarter (24%) of the malicious programs bundled with the pirated software downloads deactivated the antimalware software running on the computer. Once the antimalware engine is blocked, the downloaded malware installs itself on the computer.
· Two in 10 (18%) of these installations prompt users to change default settings on browsers and install add-on toolbars during installation. These changes to the browser settings lead to new home pages and a new default search engine as well as unwanted toolbars.
· One in 10 (12%) of these installations require users to contact additional websites to complete the process. This is often portrayed as further steps to obtain the license keys or “cracks” needed to activate the pirated software, and they can lead to more popups and additional malware exposure.
The study found that 92% of new and unused computers that had pirated software installed were pre-infected with malware. These computer samples were purchased from vendors that are known to sell non-genuine software. The presence of malware in these computers is concerning as end-users expect these new devices to be risk-free.
Out of the 165 DVDs and CDs samples acquired for this report, three in five (61%) contained malware. Infected discs contained an average of five malicious programs. In some cases, as many as 38 malware instances were found on a single DVD.
The researchers also observed that a number of pirated antivirus software programs were embedded with malware. Using these compromised, non-genuine security programs not only infect the computer, but also lull users into a sense of complacency, which may lead to further exploitation of the computers and the users’ data and information.
 |
| Source: Microsoft infographic. Trojans were the top encountered malware from all pirated software sources. |
The study found close to 200 malware strains in all the samples. Among those, Trojans were the most common category of high-risk cyber threats encountered, with a total of 79 unique Trojans malware strains. They also comprise 51% of all malware found embedded in downloaded pirated software. While Trojans usually depend on social engineering to trick or mislead users into executing them, bundling them with pirated software makes it easier for cybercriminals to compromise PCs. Once a Trojan is active on an infected computer, it installs a backdoor for hackers to access and command the device. This allows cybercriminals to steal confidential information, modify firewall settings, and delete or encrypt data.
An enormous range of worms, viruses and droppers, which were created for stealing information and taking control of their host computers were also found in the samples. These malicious programs can replicate without human intervention and have the capability to spread more rapidly.
 |
| Source: Microsoft infographic. Top encountered malware in Asia Pacific. In contrast, Singapore's No. 1 malware encountered is Dynamer, followed by Spursint and then Xadupi. |
“Pirated software are effective malware carriers as cybercriminals are able to tamper the programs and embed malicious programs with files that autorun or are used for setup. This greatly increases the likelihood of the malware being executed on the computers and spread further in the network,” said Associate Professor Biplab.
“Although the risk of contracting malware through all sources of pirated software is high, the online medium is turning out to be a more potent infection vector. It not only provides cybercriminals with the scale to attack anybody, anywhere, anytime, it also allows them to easily camouflage their malicious activities and attack remotely. This makes them harder to be detected and stopped.”
The most effective defense against malware from pirated software is to use genuine software products. Consumers and small businesses can further protect themselves from pirated and counterfeit software as well as malware with the following best practices:
· Source and buy your computers and laptops from reputable vendors.
· Always insist on genuine software from your vendors and opt for computers which come preinstalled with genuine software by hardware manufacturers.
· When purchasing a computer, always request for an invoice which clearly calls out the software title and version which has been installed on the machine.
· Keep your software current with latest product updates and security patches, and strengthen your security posture by installing strong antivirus software.
· Do not use old operating systems such as Windows XP which have reached their end of life.
For enterprises and government organisations, Microsoft recommends:
· Augment basic identity management systems with multifactor authentication mechanisms to achieve greater levels of trust.
· Organisations should ensure that their software and operating systems are regularly updated and all security patches are applied immediately on release.
· All older and unsupported versions of software are recommended to be retired immediately once the modern and secure versions are available.
· All computing devices in an organisation should be protected with a robust and reputable antimalware solution. The antimalware definitions should be updated every day to ensure up to date protection against cyberthreats.
· Train employees on safe cyber practices and educate them on the importance of using trusted software platforms.
“Organisations need to recognise that cybersecurity is no longer just a protector of online assets, it is also a critical business enabler. The KPMG 2017 CEO Outlook survey found that a significant proportion of CEOs (71%) saw their investment in cyber as an opportunity to find new revenue streams and innovate, rather than as an overhead cost,” said Daryl Pereira, Head of Cyber Security, KPMG in Singapore.
“However, cybersecurity vulnerability is at an all-time high – the 2017 Harvey Nash/KPMG CIO Survey found that a third of IT leaders’ organisations (32%) had been subject to a major cyber-attack in the past 24 months. Establishing a solid foundation for cyber-hygiene is vital to the success of any digital transformation journey.
"For example, organisations need to embed 'security by design' into their business processes and product designs right from the outset, and staff must be trained to recognise malware attacks and the need to use trusted software platforms. Without a 'cybersecurity-ready' mindset becoming part of your business DNA, it will be challenging for any company to innovate and stay relevant in today’s digital age.”
Hashtag: #CyberTrustAPAC
*BSA global software survey, Seizing Opportunity Through License Compliance
**Cybersecurity Ventures, 2016 Cybercrime Report
· Organisations should ensure that their software and operating systems are regularly updated and all security patches are applied immediately on release.
· All older and unsupported versions of software are recommended to be retired immediately once the modern and secure versions are available.
· All computing devices in an organisation should be protected with a robust and reputable antimalware solution. The antimalware definitions should be updated every day to ensure up to date protection against cyberthreats.
· Train employees on safe cyber practices and educate them on the importance of using trusted software platforms.
“Organisations need to recognise that cybersecurity is no longer just a protector of online assets, it is also a critical business enabler. The KPMG 2017 CEO Outlook survey found that a significant proportion of CEOs (71%) saw their investment in cyber as an opportunity to find new revenue streams and innovate, rather than as an overhead cost,” said Daryl Pereira, Head of Cyber Security, KPMG in Singapore.
“However, cybersecurity vulnerability is at an all-time high – the 2017 Harvey Nash/KPMG CIO Survey found that a third of IT leaders’ organisations (32%) had been subject to a major cyber-attack in the past 24 months. Establishing a solid foundation for cyber-hygiene is vital to the success of any digital transformation journey.
"For example, organisations need to embed 'security by design' into their business processes and product designs right from the outset, and staff must be trained to recognise malware attacks and the need to use trusted software platforms. Without a 'cybersecurity-ready' mindset becoming part of your business DNA, it will be challenging for any company to innovate and stay relevant in today’s digital age.”
Hashtag: #CyberTrustAPAC
*BSA global software survey, Seizing Opportunity Through License Compliance
**Cybersecurity Ventures, 2016 Cybercrime Report
posted from Bloggeroid
No comments:
Post a Comment