Savvy software users have long been wary of unlicensed software, and their paranoia is far from unwarranted. Whether it comes from pirated software DVDs or unlicensed pre-installations, counterfeit software is an all-too-likely source of malware and virus infections. But until recently, we haven’t known just how widespread the threat is.
The Microsoft Security Forensics team recently concluded a study which found that 63 per cent of counterfeit software DVDs and pre-installed unlicensed software contained high-risk malware infections and viruses. The study, conducted on 118 samples from Indonesia, Malaysia, the Philippines, Thailand and Vietnam, uncovered nearly 2,000 instances of backdoors, hijackers, droppers, bots, crackers, password stealers and Trojans.
See? It isn’t paranoia when they really are out to get you.
Enter Patient Zero
Let’s look at how an infection can bring down a hypothetical startup which we’ll call “Biz-Zero Enterprise.” This small but energetic company is ready to make its mark as a new importer and distributor of accessories and adapters for the latest electronic gadgets. All of the staff at Biz-Zero Enterprise will work on Windows PCs, using Office for email and productivity along with some third-party applications. With easy server management through Windows Server and regular updates through Windows Update, it’s an office IT environment that ought to run smoothly and without trouble.
Meet Patient Zero.
Patient Zero is a shiny new laptop, purchased at a retail outlet by one of the senior staff at what seems like a bargain price. How did the shadowy retailer manage to offer such a low price? Simple: Patient Zero is running an unlicensed version of Windows 7, downloaded from a pirate site on the Internet.
Like the first victim in a real-world viral outbreak, the laptop we call Patient Zero brings the deadly infection right into the workplace. With malicious code infecting its systems from the very start, its immune system – Windows Update – has already been compromised. With Windows Update offline or re-routed to a third-party service, Patient Zero will never receive any critical security updates from Microsoft.
Everything seems normal for the first week. During this incubation period, Patient Zero doesn’t exhibit any outward signs of trouble, and the antivirus program has already been corrupted by the infection, ensuring that no alarms are raised. At the same time, the malicious code running on Patient Zero leaps to the other PCs in the office via the office intranet and unsecured flash drives. If the company’s antivirus had been up-to-date, this might not have happened. Within days, the entire office is silently overrun.
The downfall of Biz-Zero
Some of the more experienced employees at Biz-Zero begin to notice their computers slowing down. Perhaps they’ve been press-ganged into a botnet controlled by a foreign syndicate, or perhaps it’s some other type of cyber-attack designed to steal the data of the company and its clients.
Soon, the severity of the attack becomes horrifyingly clear. Clients and partners in the company’s address book start receiving infected messages from Biz-Zero’s email accounts. Fortunately, most of the targets of these attacks have up-to-date antivirus protection, and the threat at Biz-Zero finally comes to light.
Before the management at Biz-Zero can even begin to react, Biz-Zero Enterprise is becoming known for all the wrong reasons. The word on all the local tech message boards and social media sites is that the company is riddled with viruses and malware. It’s a devastating blow to the company’s reputation, and sales plummet as customers and partners abandon it.
What follows isn’t pretty. The Ministry of Domestic Trade, Cooperatives and Consumerism (MDTCC) raids the offices of Biz-Zero Enterprise and seizes over a dozen computers running illegal software – it isn’t just Patient Zero, but many other PCs which used unlicensed programs. The directors of Biz-Zero face fines starting from RM20,000 as well as possible jail time under the Anti-Money Laundering and Counter Financing of Terrorism Act 2001 (AMLA). It’s curtains for this unfortunate startup.
And it all started from one laptop with unlicensed software.
A genuine defence
By making sure that your office only uses genuine software, you can protect your company from sharing the sad fate of Biz-Zero Enterprise. With licensed copies of Microsoft Windows and Microsoft Office, along with an up-to-date antivirus program such as Microsoft Security Essentials, your workplace and your data will be more secure, and you’ll be able to focus on the important stuff instead of worrying about the threats of malware and viruses.
Don’t take any chances with your company’s IT security. Learn more about the Southeast Asia computer security study here: http://www.microsoft.com/philippines/pressroom/msft_finds_pirated_software_a_significant_security.aspx