Pirated software carries malware payload that can cost billions

Global enterprises will spend $114 billion collectively on piracy-related malware cleanup, according to a study from IDC and Microsoft

For global enterprises, the stakes are higher: they will spend $114 billion collectively on piracy-related malware cleanup, according to a study from IDC and Microsoft.

In the counterfeit and pirated software world, the chance of infection by unexpected malware is one in three for consumers and three in 10 for businesses. The problem is endemic – according to the report, 42% of all PC software packages installed in the world in 2011 were pirated. However, in 50% of the countries studied, more than 60% of the software was pirated. IDC estimates that at least 80% of pirated software is counterfeit – so at least a third of PC software is counterfeit.

“The best way to secure yourself and your property from these malware threats when you buy a computer is to demand genuine software,” said David Finn, associate general counsel in the Microsoft Cybercrime Center. “The cybercrime reality is that counterfeiters are tampering with the software code and lacing it with malware.”

According to the study, 64% of those using counterfeit software experienced security issues and in 45% of the cases, the bogus software slowed their PCs.

About half (48%) of respondents noted that their greatest concern with using counterfeit software was data loss, while 29% were most concerned with identity theft, the study said – a prescient concern.

“The market for credentials and other information stolen by cyber-thieves has been sized at $114 billion, enough to create a multibillion-dollar market for tools to enable cyber-theft,” IDC noted in the report.

The analysts wrote that a decent keylogger – malware that tracks keystrokes to gather passwords and account information – can cost as little as $25 on an auction market used by cyber-thieves. Botnets sell at $100–200 per 1,000 infections, depending on location. And there is a whole subterranean industry selling toolkits (like Zeus and Citadel) to cybercrooks who then create malware with equally arcane names like "police ransomware," "spear phishing email," LuckyCat, Fakem Rat, or HeartBeat APT.
