Security news16 May 2007
Hackers prey on pirate software users, Sophos warns
35% of computers run at least one illegal program
IT security and control firm Sophos is warning businesses of the security and productivity risks of allowing counterfeit software programs to run on their company networks. The warning follows research from the Business Software Alliance (BSA) that revealed that more than a third of PCs worldwide are running pirated software.
According to the research, 35% of computers run at least one illegal program, with computer users in China and Russia the worst offenders (with over 80% of computers running pirated software). Sophos experts note that pirated software can leave business networks open to attack as cybercriminals are provided with an additional route to infection.
"Putting aside the obvious legal issues, piracy can have a real impact on a company in terms of security," said Graham Cluley, senior technology consultant at Sophos. "It's not enough to make sure that all PCs are running legitimate copies of Word, businesses must also control what programs their employees are downloading, installing and running. Patching against software vulnerabilities is key to any good IT security policy, but with pirated software this becomes near impossible. Pirated software downloaded from dodgy websites or bought from a man in an alleyway will not come with technical support, and may even be virus infected."
Software piracy rate by region
Software piracy rate by region. Source: BSA.
According to Sophos, running pirated software on corporate networks can also have severe repercussions on the network infrastructure, hogging valuable bandwidth and network resources.
"Businesses simply cannot afford to ignore piracy," continued Cluley. "The corporate network is the backbone of any company and if you allow users to run anything they like on it, whether illegal or not, you shouldn't be surprised when it breaks."
Sophos recommends companies protect their desktops, servers and gateways with a consolidated solution to thwart the threats of viruses, spyware, phishing, hackers and spam, as well as controlling which applications are authorized to run on the network.
