Microsoft-Sponsored Study Says Problems Caused By Using Windows Software Will Cost Businesses $500 Billion In 2014

from the awkward dept

The copyright industries' obsession with trying to shoot down piracy at all costs can sometimes cause them to end up shooting themselves in the foot. Here is a great example from Microsoft, which has recently been fulminating against the dangers of software piracy:

A new study released Tuesday reaffirms what we in Microsoft’s Digital Crimes Unit have seen for some time now -- cybercrime is a booming business for organized crime groups all over the world. The study, conducted by IDC and the National University of Singapore (NUS), reveals that businesses worldwide will spend nearly $500 billion in 2014 to deal with the problems caused by malware on pirated software. Individual consumers, meanwhile, are expected to spend $25 billion and waste 1.2 billion hours this year because of security threats and costly computer fixes.

The study fills out the picture with some details of the methodology (pdf):

In 2013 IDC tested pirated software from more than 550 Web and P2P sites or CDs bought in street markets to determine the prevalence of malware in pirated software. In January and February of 2014, the Department of Electrical and Computer Engineering at National University of Singapore conducted a forensic analysis of 203 PCs that were purchased from PC resellers, specialty shops, and PC markets in typical buying situations in 11 countries. Together, this research found the chances of encountering malware in a pirated copy of software is one in three. The chance of encountering malware in a PC purchased with pirated software is more than 60%.

Although the report doesn't say so explicitly, we are clearly dealing with Windows systems here -- computers are referred to throughout as "PCs," never as Macs, and some of the malware is named as "Win32/Enosch.A, Win32/Sality.AT, Win32/Pramro.F," which attack Windows systems exclusively. We can also be pretty sure that none of the infected programs was open source. Why? Because pirating software that is already freely available makes no sense -- and is certainly unlikely to be as profitable as offering black market versions of costly closed-source programs.

Putting this information together -- in order to "Get The Facts" as Microsoft always liked to say -- we arrive at the interesting conclusion that the use of commercial closed-source programs running on Microsoft Windows will cost businesses around $500 billion in 2014 alone because of the wasted time, lost data and reputational damage that will result from associated malware infections.

Assuming the research results are representative of what's happening -- and there's no reason to suppose they aren't -- the obvious conclusion to draw from them for PC users is not just to stop using pirated software (a good idea), but to stop using Windows-based programs too, and to switch to open source applications running on an open source operating system like GNU/Linux. After all, free software is even cheaper than pirated software, and yet rarely has any of the problems identified in the new report.

That's a really useful message for those facing the unwelcome prospect of paying their share of $500 billion to deal with the multiple problems associated with the Windows platform, but probably not the one Microsoft had in mind when it sponsored the research.

Follow me @glynmoody on Twitter or, and +glynmoody on Google+

Filed Under: copyright, infringement, malware, open source, piracy, software
Companies: microsoft

Reader Comments

  1. Rich Kulawiec, 3 Apr 2014 @ 8:23am

    Re: When We All Go to Linux Heaven...Pie in the Sky

    "Linux is safer, because it's unpopular."

    To borrow a line from Enrico Fermi, that is not even good enough to be wrong.

    If "popularity" was a viable metric for assessing the relative safety of operating systems, then we would not have made the observations that we have over the past 30 years. Let me share just one of those, for brevity.

    As (I hope) everyone knows, the last decade-plus has seen the rise of botnets. One of the ways that we can measure that is by noting which systems exhibit behavior that indicates botnet membership (for example: coordinated spam emission) and then using passive OS fingerprinting to identify the operating system they're running.

    If relative system popularity was a viable metric for assessing vulnerability, then we would expect to see the botnet population reflect overall system statistics. Thus if the OS's available were A (50%), B (30%) and C (20%), we would expect to see a 50-30-20 breakdown among bots.

    That's not what we see. Not even close. For years, the botnet population was dominated by Windows to -- depending on how the statistics were calculated -- six or seven 9's. In other words, one could look at millions to tens of millions of bots before noting one not running Windows. That diverges wildly from the overall system population statistics, which are certainly dominated by Windows -- but not anywhere remotely close to so much.

    That's not an accident. That's not because botnet operators didn't want to co-opt other systems. That's not because they didn't know how. That's not because they didn't try. It's because getting into a Unix/Linux box is both quantitatively and qualitatively more difficult. (In the case of some variations, MUCH more difficult.)

    Like I said above, that's just one data point. There are others -- many others. The bottom line, though, is that popularity may be discarded as a relevant factor in assessing relative OS security.
