After several years of downward trending in the attempted use of illegal programs such as file sharing clients — which have long been a breeding ground for all manner of attacks based on their underground status — security researchers are noting a recent uptick in attempted of the applications.
Perhaps driven by the lagging worldwide economy, and certainly empowered by the continued proliferation of such programs, research shows that organizations are being put at greater risk based on people’s use of illegal software, reports cloud-based filtering specialists ScanSafe, which was recently acquired by networking giant Cisco.
According to the company, its latest numbers show a 55 percent increase in illegal MP3 and software download attempts over the last three months on the corporate networks it tracks.
In addition to the added risk of malware attacks and other dangers introduced by the use of illegal software within organizations, there is also the issue of potential fines introduced by prosecution of file-sharing users. ScanSafe points to the recent conviction of U.S. student Joel Tenenbaum who was fined $675,000 for illegally downloading only 30 songs. In some cases the organizations who own networks being used for illegal file sharing could be held similarly responsible, the experts contend.
As illegal file-sharing and other greyware schemes have faded from the news spotlight over the last few years, workers have fallen back into dangerous usage patterns, the experts maintain.
“Employees mistakenly assume they can use the Internet at work in exactly the same way as they use it at home and this is potentially one of the reasons for this steady increase in illegal download attempts over recent months,” Spencer Parker, director of product management at ScanSafe said in a research note. “Downloading illegal content is a ‘double whammy’ for employers as not only does it put them at risk legally but it also puts the company network at risk of being infected with malware.”
A “large majority” of free illegal downloading websites are often “riddled with malware,” he said.
To help discourage use of the systems, organization must not only put in place policies with established consequences and penalties for employees for using them, but also go to steps to block the unwanted content from reaching their systems altogether, ScanSafe recommends.
I guess it’s time to go back to copying other people’s CDs. Just kidding. Sort of.
Follow eWeek Security Watch on Twitter at: eWeekSecWatch.
Matt Hines has been following the IT industry for over a decade as a reporter and blogger, and has been specifically focused on the security space since 2003, including a previous stint writing for eWeek and contributing to the Security Watch blog. Hines is currently employed as marketing communications manager at Core Security Technologies, a Boston-based maker of security testing software. The views expressed herein do not necessarily represent the views of Core Security, and neither the company, nor its products and services will be actively discussed in the blog. Please send news, research or tips to SecurityWatchBlog@gmail.com.