New research on the ecosystem for pirated software and digital assets has been conducted by Arxan and iThreat Cyber Group (ICG). The report reveals that illegal reproduction and distribution of copyrighted material on the Web is booming as a result of security breaches in both mobile and desktop software applications.
Arxan and ICG analyzed data collected over the past three years that examined the distribution of unauthorized digital assets on the Dark Web and indexed sites that are focused on distributing pirated releases. Thousands of sites were analyzed, including over 50 in the sole business of distributing pirate releases. The report focuses on the areas of software, gaming and digital media. The analysis revealed:
6M releases were pirated in 2014.
The extent of digital media piracy is far more extensive than commonly perceived.
-In 2013 and 2014, on average nearly 1 million pirated releases were found.
– In 2015, Videos (TV, Movies, etc., excluding Adult Content) accounted for about 50 percent, and Adult content accounted for roughly 25 percent of releases found.
The cost or un-monetized value of copyright infringing releases in 2014 is estimated to be more than $800 billion.
Piracy of software and digital assets is on the rise.
96M pirated assets are expected by the end of 2015 – an increase of 22 percent over the last three years.
If distribution of pirated games continues at the current rate, over 31,000 unauthorized releases will be active in 2015 – double the number of pirated releases just three years ago. Malware linked to pirated software is an enormous cost to both businesses and consumers. Enterprises will spend $491 billion, due to malware associated with pirated software.
“The findings in Arxan’s State of Application Security prove that piracy is one of the greatest threats to intellectual property and creative content, highlighting the enabling role pirated releases play in spreading extremely harmful malware across a range of industries – where the challenges of defending against it – are complex, but not insurmountable,” said Patrick Kehoe, Chief Marketing Officer of Arxan.
The report found that piracy is on the rise due to poorly protected applications and a rapidly evolving distribution system for pirated releases. Few applications, for example, are deployed with protected binary code. An adversary can directly access unprotected application binary code, analyze and reverse-engineer it back to source-code. With the revealed source-code, pirates are able to copy and/or maliciously modify and then redistribute software quite easily. MetaIntelli’s June 2015 analysis of 96,000 Android apps from the Google Play store found that less than 10% of them had protected binary code.
Hackers are gaining access to digital media using a number of techniques outlined in the report. Most are stealing cryptographic keys that govern access to digital media and using these keys to decrypt encrypted digital media files, and illegally distribute them.
Hundreds of millions of Internet users worldwide are accessing pirate distribution sites. Many of these sites survive based on Ad revenue (i.e., advertisers are paying to promote their products and services on these sites), while others charge users a fee or request donations from their users. The largest content theft sites generated more than $200 million in advertising-driven revenues in 2014.
“The threat posed by piracy cannot be limited to its effects on one company, one industry or one country. The sheer number of cases in the US and abroad, dictates software, digital media and mobile gaming industries become savvier with regards to techniques for combatting pirated releases across national boundaries,” said Jeff Bedser, CEO of iThreat Cyber Group. “The best thing content owners can do is continually monitor the marketplace and equip themselves with intelligence tools and leverage data and application protection techniques to fight piracy head on.”
To view the info graphic and access the full report, visit: https://www.arxan.com/resources/state-of-application-security/