Filtered By: Scitech

Cybersecurity breaches to cost APAC countries $240-M in 2014 

Asia Pacific enterprises and consumers are predicted to spend some $240 million collectively in dealing with computer system issues caused by malware and pirated software, a study by the National University of Singapore (NUS) and the International Data Corporation (IDC) said.

Enterprises in the Asia Pacific are expected to spend nearly $59 billion in dealing with security issues and $170 billion in dealing with security breaches in 2014. Meanwhile, consumers in Asia Pacific will spend $10.8 million dollars in dealing with security issues created by malware on pirated software.

The study, entitled "The Link Between Pirated Software and Cybersecurity Breaches," is part of Microsoft's Play It Safe campaign and includes forensic analysis of 203 computers acquired in 11 countries, and a survey of 1,700 consumers, workers, CIOs and government officials from 15 countries.

The study says that 61% of the 203 computers with pirated software on them were infected with dangerous malware. NUS found more than 100 discrete threats including a Trojan that creates a proxy server on an infected computer. It then uses that proxy server to relay spam email and Web traffic while still hiding the origin of the attackers. Another is a virus that stops security software and some Windows utilities from running and tries to download other files, including other malware, from a remote server. 

Atty. Raul Cortez, Legal and Corporate Affairs Director of Microsoft Philippines, explaining the malware found in 203 computers used in the study. Photo: Kim Luces

"Most of the pirated software would contain malware. Unfortunately, the Philippines was not included (in this study), but whatever information we've gotten from other countries probably apply in the Philippines as well," said Atty. Raul Cortez, Legal and Corporate Affairs Director of Microsoft Philippines in a press briefing on Friday.

"(In the Philippines), we do not really produce pirated software, at least not to (a large) extent. So the source of (those software) probably comes from another country," he explained.

While the best way to avoid malware is to buy from name brand computer vendors and national retail chains, 68% of consumers and 33% of enterprise customers in Asia Pacific said that they buy software from suspect sources, their survey showed.

Due to the existence of the Data Privacy Act in the Philippines, companies are not only subject to spending millions in case of a data breach. They are also posed to criminal offenses, Cortez said. 

He also said that even when companies buy original software, their employees who use pirated software can also pose a threat to their company's computer systems.

"The trend right now is that employees bring devices to work. The study shows that 27% of employees install their own software in company devices. What happens is they go to the office, plug their devices in, and if they contain malware, they infect the whole (office) network," Cortez said.

It is for the same reason that government offices are also in danger of security and data breaches due to malware.

"Personally, I don't think it's the government (that purchases pirated software). I think it's the employees that bring their devices (to work). Kasi hindi ganoon karami ang computer sa (government) natin," Cortez said.

"Personally, I don't think it's the government. I think it's the employees that bring their devices. Kasi hindi ganoon karami ang computer sa (government) natin."

However, with the right security procedures in place, such as regular scanning for malware in employees' computers, these threats would lessen.

"The threat is always there kasi you're not in a controlled environment. But i think the trend is still with BYOD (Bring Your Own Device). Ang hirap magpalit ng devices, so you end up using your personal device to work. So i think it's important, yung authenticity nung device na ginagamit nila," Cortez said.

He also said that the government is showing more interest in purchasing legitimate software, especially the Department of Science and Technology. Microsoft is also willing to assist the government, should they need it.

"No matter how modern your system is, I think there's still a possibility that there might be a breach. And in the event of that breach, what we're saying is that we're there to help. At the same time, let's make sure that it's harder for anyone to breach that security," Cortez said. — TJD, GMA News