Digital piracy, or the illegal reproduction and distribution of copyrighted material on the Web, is extensive and growing rapidly.

As part of the “2015 State of Application Security Report,” Arxan and iThreat Cyber Group (ICG) analyzed data collected since 2012 that examined the distribution of pirated software and digital assets on the Dark Web and indexed sites that distribute these releases. Thousands of sites were analyzed, including more than 50 that are solely in the business of digital piracy. The results of the analysis are alarming:

  • There were over 1.6 million pirated releases in 2014, and if 2015 continues at the same pace, there will be 1.96 million pirated assets by the end of the year — an increase of 22 percent.
  • Online games are heavily pirated. If distribution of pirated games continues at the same rate, there will be over 31,000 pirated releases in 2015, which would be double the number of pirated releases from 2012.
  • The extent of digital media piracy is far more extensive than commonly perceived. In 2013 and 2014, an average of nearly 1 million pirated releases were discovered.
  • All types of content are being pirated. In reviewing the pirated assets found in 2015, entertainment videos accounted for about 50 percent and adult content made up approximately 25 percent.

Download the 2015 State of Application Security Report

What’s Driving the Growth in Digital Piracy?

1. The Distribution Model

The transfer of pirated releases from the Dark Web and other narrowly accessed sites to pages that have broader reach, such as private torrent sites and cyberlockers, is happening very quickly — typically within an hour. Furthermore, distributors are making good money: The largest content theft sites generated more than $200 million in advertising-driven revenues in 2014, according to the report “Good Money Still Going Bad.”

2. New Technologies

New technologies and applications enable easier access to sites offering the pirated releases. Even less technical users can now access pirated releases. For instance, jailbroken Android devices running the Kodi program can use add-ons that provide links to cyberlockers and make video streaming effortless.

The mobile app Popcorn Time is another good example. It provides a Netflix-like front-end for mobile devices that makes capitalizing on bit torrent sites easier. One NetNames study, “Sizing the piracy universe,” found that nearly 24 percent of worldwide Internet bandwidth was directed to these streaming websites. That’s an extremely high number that clearly shows that consumers around the globe are aware of distribution sites and the tools that access them.

3. Applications

Applications, including license management and digital rights management (DRM) applications, are increasingly mobile, but new vulnerabilities unique to mobile applications are not being addressed. The “2015 State of Application Security Report” cites analysis by MetaIntelli, which found that less than 10 percent of Android apps in the Google Play store had protected binary code. Unprotected binary code can easily be reverse engineered, tampered with to remove security controls, repackaged and redistributed. With games and DRM software, cybercriminals are targeting mobile apps.

Should We Care?

Whether you’re a consumer or a business producing software or digital assets, the costs of piracy are high. For businesses, the unmonetized value of these pirated materials in 2014 is estimated to be more than $800 billion, according to a report from Tru Optik. A joint study by the National University of Singapore and IDC on “The Link between Pirated Software and Cybersecurity Breaches” estimated businesses spent $491 billion in 2014 because of malware associated with pirated software. Specifically, organizations devoted $127 billion to dealing with security issues and another $364 billion to handling data breaches. Almost two-thirds of these enterprise losses can be traced to criminal organizations.

The same study estimated consumers paid nearly $25 billion and wasted 1.2 billion hours dealing with security issues created by malware on pirated software in 2014.

What Can We Do From an Application Security Perspective to Thwart the Growth of Digital Piracy?

Organizations need a concerted focus and holistic approach to protecting software, including the software that governs access to digital media. Teams responsible for application security should:

  • Leverage vulnerability testing and ensure that known risks — including those identified in the OWASP Mobile Top 10 list — are addressed.
  • Build runtime protections into applications to thwart tampering and malware attacks.
  • Protect cryptographic keys so they are not visible statically or at runtime in memory. White-box cryptography solutions provide this type of protection.
  • Rethink how much time and money you have allocated for application security. “The State of Mobile Application Insecurity” found that 50 percent of organizations had zero budget allocated toward securing mobile apps.
  • Lobby organizations that are responsible for setting standards and rules that penalize piracy.

The “2015 State of Application Security Report” illustrates the epidemic of copyright infringement. But it can be reduced if owners of games, digital media and software applications take the time to build static and runtime protections into their applications, ensuring that wherever they are deployed, they are protected. The question is: How long will it take for companies to wake up to the not-so-new attack vectors, and how much additional money will be lost before the necessary steps are taken to stem the rising tide of digital piracy?

More from Application Security

X-Force Identifies Vulnerability in IoT Platform

4 min read - The last decade has seen an explosion of IoT devices across a multitude of industries. With that rise has come the need for centralized systems to perform data collection and device management, commonly called IoT Platforms. One such platform, ThingsBoard, was the recent subject of research by IBM Security X-Force. While there has been a lot of discussion around the security of IoT devices themselves, there is far less conversation around the security of the platforms these devices connect with.…

4 min read

Patch Tuesday -> Exploit Wednesday: Pwning Windows Ancillary Function Driver for WinSock (afd.sys) in 24 Hours

12 min read - ‘Patch Tuesday, Exploit Wednesday’ is an old hacker adage that refers to the weaponization of vulnerabilities the day after monthly security patches become publicly available. As security improves and exploit mitigations become more sophisticated, the amount of research and development required to craft a weaponized exploit has increased. This is especially relevant for memory corruption vulnerabilities.Figure 1 — Exploitation timelineHowever, with the addition of new features (and memory-unsafe C code) in the Windows 11 kernel, ripe new attack surfaces can…

12 min read

Backdoor Deployment and Ransomware: Top Threats Identified in X-Force Threat Intelligence Index 2023

4 min read - Deployment of backdoors was the number one action on objective taken by threat actors last year, according to the 2023 IBM Security X-Force Threat Intelligence Index — a comprehensive analysis of our research data collected throughout the year. Backdoor access is now among the hottest commodities on the dark web and can sell for thousands of dollars, compared to credit card data — which can go for as low as $10. On the dark web — a veritable eBay for…

4 min read

Direct Kernel Object Manipulation (DKOM) Attacks on ETW Providers

17 min read - Overview In this post, IBM Security X-Force Red offensive hackers analyze how attackers, with elevated privileges, can use their access to stage Windows Kernel post-exploitation capabilities. Over the last few years, public accounts have increasingly shown that less sophisticated attackers are using this technique to achieve their objectives. It is therefore important that we put a spotlight on this capability and learn more about its potential impact. Specifically, in this post, we will evaluate how Kernel post-exploitation can be used…

17 min read