The latest Kaspersky report reveals that 15% of UK companies with 50 to 999 employees are ready to use pirated alternatives of business software to decrease IT spending. Among small businesses (less than 50 employees), only 7% are ready to take this step. This measure can seriously affect corporate cyber safety, since adversaries actively distribute malicious files under the guise of commonly used software.
According to Kaspersky Security Network (KSN), in just eight months[1] the total number of users who encountered malware and unwanted software masquerading as the most popular software products for small and medium businesses was 9,685. In general, 4,525 unique malicious or potentially unwanted files were spread via unofficially distributed (including pirated) SMB-related software.
The Kaspersky study aims to explore which crisis management tactics business leaders find most successful, and how some steps can seriously affect a company’s cyber resilience. Safe measures such as seeking lower-cost contractors and adopting free alternatives of usual software are most popular with the respondents, gaining 28% and 30% respectively, but nearly one-in-10 (9%) of surveyed business leaders would replace their software with a pirated version to cut costs.
As for the type of programs respondents believe they could replace with hacked copies, the majority chose project management, marketing and sales software - 56% even agree to use a pirated cybersecurity software.
Although the use of malicious torrents is far from being the main means of spreading malware, it is an infection method that should not be ruled out, as evidenced by CLoader – a script discovered in April 2022 that used cracked software as bait to trick users into installing malware. The downloaded files were NSIS installers, containing malicious code in the installation script. Adding malicious code to benign software in order to trick the user is also a technique Kaspersky researchers have encountered more often recently. The websites hosting such software look the same as the legitimate ones, with the only difference being the “free download” button on the malicious websites.
“Even though malicious actors rely on email as the primary infection vector, cracked software downloadable via torrents is yet another trick that criminals use to lure victims into installing the malware on their systems, which in a business environment can lead to more data being compromised or stolen”, commented David Emm, Principal Security Researcher at Kaspersky. “We urge business owners to rely on legitimate, authenticated software to run their business. In case of budget restrictions, we’d recommend the use of reputable, community-backed, free open source alternatives that are much less likely to contain malicious code”.
To avoid data leakage and financial losses caused by infected software installation, implement the following Kaspersky’s recommendations:
- Make sure your employees use standard accounts without admin rights, to help prevent the spread of malware.
- You can use free security solutions. They are usually mush less comprehensive and have less functions than paid products but might still be very helpful. Choose a reputable solution based on independent test results, and download it directly from the developer's site.
- To avoid paying electricity bills racked up by a hidden miner, try to constantly monitor your devices efficiency. If your gadget is slowing down, overheats and makes a lot of noise even when no one is using it, someone might have installed a miner on the device which is overloading the processor and video card. Use a security solution that detects not only malicious programs, but also potentially unwanted applications.
- Update your operating system, security software, browser and all the programs you work with as soon as a new update comes out.
- Implement regular backups of important files in a cloud service and on alternative hardware (i.e. a drive that is normally disconnected from the system). That will ensure you have clean copies even if ransomware encrypts your data. A security solution with remediation feature will let you roll back actions performed by malware in the operating system, delivering protection against cryptolockers.
More recommendations on how to protect your business with a limited budget are available on a dedicated Kaspersky Low Budget Hub.
The full report and more insights on small and medium businesses crisis tactics are available via the link.