Of this, $127 billion is expected to be spent on dealing with miscellaneous security issues, while $364 billion would be spent on dealing with data breaches. According to the report, sponsored by Microsoft, consumers meanwhile will spend $25 billion and 1.2 billion man hours this year on the same issues.
Almost two-thirds of these enterprise losses, or $315 billion, will be the result of the activity of criminal organizations.
In 2013, IDC tested pirated software from more than 550 Web and P2P sites or CDs bought in street markets to determine the prevalence of malware in pirated software. In January and February of 2014, the Department of Electrical and Computer Engineering at National University of Singapore conducted a forensic analysis of 203 PCs that were purchased from PC resellers, specialty shops and PC markets in typical buying situations in 11 countries. Together, this research found the chances of encountering malware in a pirated copy of software is one in three. The chance of encountering malware in a PC purchased with pirated software is more than 60%.
The malware included viruses, worms, Trojan horses, rootkits, and unwanted adware, which had pre-infected the new PCs before they could even access the internet. There were other problems as well, such as misleading applications, corrupted executables, exploits and system vulnerabilities, which technically don’t count as "infections" but which can contribute to the problem. Exploits, for instance, are often used to allow the pirated software to function. But these vulnerabilities can make it easier for the PCs to get infected once they do have access to the internet.
“Given the impact on consumers and enterprises from malware associated with pirated software, it's easy to draw implications for governments, as they are users of software and victims of security attacks, too,” the report noted. “But they have the added burden of dealing not only with the consequences of their attentiveness — of lack of it — to the security risks of using pirated software, but also of the consequences of the actions of their citizens and industries.”
The 302 government officials surveyed indicated that, to some extent, they do somewhat understand the link between potential security breaches and software piracy. In total, 54% said that the connection is well understood. In Latin America, that awareness dropped to 42%, while in Central and Eastern Europe it was 66%.
Furthermore, 35% of government respondents said their governments should be quite worried about it. On the other hand, 26% said their governments either don't need to worry at all or need to worry only a little bit.
Overall, respondents government sector were most worried about the loss of business trade secrets or competitive information (59%). This was followed by concerns about unauthorized access to confidential government information (55%) and the impact of cyber-attacks on critical infrastructure (55%).
“Using pirated software is like walking through a field of landmines: You do not know when you will come upon something nasty, but if you do it can be very destructive,” IDC chief researcher John Gantz said, in a statement. “Buying legitimate software is less expensive in the long run – at least you know that you would not get anything ‘extra’ in the form of malware.”