Microsoft: Most PCs running pirated Windows in China have security issues
Microsoft finds widespread piracy in PCs sold in China, warns consumers in new campaign
IDG News Service - Microsoft launched a new anti-piracy campaign in China to highlight the security risks of buying counterfeit software.
In a recent investigation, Microsoft purchased 169 PCs from shops in China and found that all were installed with pirated versions of Windows, with 91% of them containing malware or deliberate security vulnerabilities.
"What we are finding is that increasingly cybercriminals are targeting both businesses and consumers right here in China," said Nick Psyhogeos, vice president of Microsoft's original equipment manufacturer (OEM) business solutions group.
The software company has long battled China's software piracy, which is among the highest in the world. Last year China's illegal software market was valued at close to $9 billion, while the legal market was valued at $2.7 billion, according to a study by the Business Software Alliance.
Microsoft on Thursday said users of the counterfeit Windows software are often saddled with unreliable PCs running malware that can steal users' credit card and bank account information. The anti-piracy campaign is being launched during a busy holiday season in the country.
Over an 18-month period, Microsoft said it conducted its "most extensive forensic survey" of PCs bought in China, by purchasing computers from Chinese shops and "IT malls," which can feature dozens of different small vendors in one building. Of the 169 PCs running pirated versions of Windows, 59% were already infected with malware, and 72% featured altered Internet browsing settings that intentionally sent users to scam and phishing websites.
Some of these PCs contained a malware known as "Nitol," which when activated through a pre-installed music player can remotely log user keystrokes and spy on users through the computer's webcam. More than 70% of the systems also had their Windows update, Windows firewall, and user account control warning functions disabled, making them vulnerable to cyber attack.
"Counterfeiters have pitched this story to consumers that software piracy or pirated products themselves don't cost anything, they're free. They've also pitched the story that it works just fine, it's good enough," said Psyhogeos in a media briefing. "Neither of those statements are accurate."
The PC brands that were found pre-installed with counterfeit Windows software include big names such as Acer, Asus, Dell, HP, Lenovo, along with smaller Chinese vendors. But Microsoft said the piracy is believed to come from further downstream in the supply chain, through resellers who are loading the counterfeit software and malware into the products in order to lower the cost of PCs sold.
OEMs that make the PCs will often install a non-Windows operating system such as FreeDOS on the product, Psyhogeos said. This makes it highly likely that a third-party will later install a pirated version of Windows on the PC during its distribution.
As part of Microsoft's new "Keep it Real" campaign, the company has notified 16 Beijing-based resellers, who were found repeatedly selling PCs pre-installed with counterfeit Windows versions, to stop the piracy. Microsoft will consider legal action as a last resort.
- Best Practices for Securing Hadoop Historically, Apache Hadoop has provided limited security capabilities. To protect sensitive data being stored and analyzed in Hadoop, security architects should use a...
- Top Tips for Securing Big Data Environments: Why Big Data Doesn't Have to Mean Big Security Challenges Organizations must come to terms with the security challenges they introduce. As big data environments ingest more data, organizations will face significant risks...
- 5 Ways Dropbox for Business Keeps Your Data Protected Protecting your data isn't a feature on a checklist, something to be tacked on as an afterthought. Download here to find out how...
- The Keys to Securing Data in a Collaborative Workplace Losing data is costly. IT professionals have spent years learning how to protect their organizations from hackers, but how do you ward off...
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!