June, 2017

The risks China faces in relying on pirated software

Original article: China, Addicted to Bootleg Software, Reels From Ransomware (accessed June 07, 2017)

The recent global hacking assault hit Chinese firms, government agencies and universities particularly hard given their use of pirated software.

According to Finnish cyber-security firm F-Secure, computers running unlicensed versions of Windows likely contributed to the scale of the so-called ransomware attack, which locked users out of their computers and demanded that they pay a ransom to be allowed to return. Since pirated software is rarely registered with the developer, it can be difficult to keep it secure in the face of coordinated assaults.

Of the computers in China affected by the ransomware, it is almost impossible to calculate the exact number that were using pirated software. "But universities, local governments, and state-run companies probably have networks that depend on unlicensed copies of Windows," The New York Times says.

For many years, Microsoft and other Western firms have fought against piracy of their products in several of the nations the attack hit hard. BSA, a trade association of software vendors, published a study last year that found that 70% of installed software on computers in the PRC was not legitimate; in Russia, that figure was 64%, and in India 58; in Russia, that figure was 64%, and in India 58%.


Pirated software has long been part of China's computing culture. Indeed, the Intellectual Property Group has seen firsthand the use of pirated versions of Microsoft Windows in a well-known state-run company. When asked why the company was not using an official version of Windows, employees of the company said it was normal in China. They did not seem concerned about any legal ramifications of using pirated software or associated security risks.

The New York Times notes that an alternative type of security company has emerged in China given the entrenched problems of malware and unwillingness to pay for software. For instance, Qihoo 360 makes its money from advertising, but it built its business by providing security programs free of charge.

Attempts by Microsoft to play hardball on the piracy issue have backfired. In 2014, it axed support for the Windows XP support for Windows XP, which, although around 15 years old was still in use among Chinese government offices and local firms. That decision prompted complaints about China's reliance on decisions made by foreign firms. As China began to accelerate efforts to develop indigenous operating systems, Microsoft agreed to create a Windows operating system customized for China.

For brand owners, pirated software in China causes significant monetary and intellectual property losses. But it can also present serious cyber security risks to the increasingly connected Chinese population. Imagine, for example, hackers gaining access to millions of smartphones through pirated software running on the handsets, breaching the security defenses of the WeChat app, and then emptying everyone's WeChat wallet. WeChat has about 900 million active users, and a quite a few of them use WeChat to pay for everything from taxi rides to restaurant meals.

Unfortunately, a sea change i n Chinese attitudes about software piracy could be far away. Thomas Parenty, a cyber-security expert, told the New York Times that for things to change drastically, Beijing would have to decide the threat placed critical infrastructure at risk and then force people to buy licensed software. However, "I don’t see that happening right now," he said.