Pirate MalwareWe live is frightening times…

A recent report from the Commission on the Theft of American Intellectual Property proposes the use of government-sanctioned ransomware to catch software pirates.  The IP Commission claims that packaging its own brand of ransomware within legitimate retail software would allow for better policing of online piracy and shut down the majority of cyber theft.  The problem with the proposal is that not only does it violate current privacy laws in the US but it opens the door for all manner of problems for legitimate consumers.

The IP Commission Report that was submitted to congress details how “IP theft” causes the loss of “hundreds of billions of dollars per year” and hurts the US economy.  As a deterrent to IP theft, the commission calls for the creation of specially designed spyware that would be packaged within common commercial grade software.  The spyware would actively monitor any system that it was installed on, and recover the personal information of the user if found in violation of the law.  The report goes on, “Additional measures go further, including photographing the hacker using his own system’s camera, implanting malware in the hacker’s network, or even physically disabling or destroying the hacker’s own computer or network.” 

The fact that such measures are even been considered should alarm anyone with even basic knowledge of computer systems or current cyber theft preventative measures.  Media companies and internet service providers have been waging a war against pirates since the early days of the internet.  No matter how thorough or invasive the measures, pirates have always managed to circumvent the defenses.  The same, however, cannot be said for consumers who are often caught in the crossfire.

Some of the most infamous anti-piracy measures have left consumers without access to the software that they paid for, simply because their computer was built with uncommon components.  In other cases software has been rendered unusable because the owner upgraded their hardware which invalidated a registry key.  Further still, anti-piracy methods that make use of always on internet connections have left users in the dark because of utility disruptions.  In all cases, the measures were not enough and pirates eventually cracked the code allowing them access to the software.  What’s even more alarming is that in many such cases, the pirated copies were actually superior to the retail versions because they also removed the restrictions placed on the software by the developers.

The inclusion of so-called ransomware in legitimate software is even more worrying than consumer inconvenience.  In recent months ransomware viruses have shown to be a major problem for users around the world.  If government-sanctioned ransomware becomes common in retail software it seems only a matter of time before cyber criminals find a way to repurpose it for their own use.  If that happens, users who know that their computer can be locked for legitimate reasons will be even more likely to fall prey to the deception.  With cyber-crime already a growing concern, the last thing we need is for congress to fan the flames into an even greater problem.

– Richard Keene
IT Computer Support of New York
Design and Optimization Department