China’s fondness for pirated software left it especially vulnerable to the latest global cyberattack.
Beijing has tolerated rampant use of unlicensed software copies despite repeated promises to crack down and warnings by industry groups that China is leaving itself open to malicious code.
About 70% of computers in China run unlicensed software, the highest level among large countries, according to BSA: The Software Alliance, an industry group. Rates for the US, Japan, Germany and the UK range from 18% to 22%. That leaves millions of Chinese computers without security support and puts China among the countries most affected by the WannaCry ransomware that spread last week, according to security researchers.
Microsoft issued a patch in March for the flaw in its Windows operating system that was exploited by WannaCry, but pirated versions “couldn’t use that service, leaving them vulnerable”, said Zhao Boyu, a senior network engineer at Bright Prospect Technologies in Beijing. “Most of the victims in China are unlicensed users,” said Mr Zhao.
As of Saturday, 29,372 institutions and hundreds of thousands of computers across China were affected, according to a security software supplier, Qihoo 360 Technology. China has long been a global centre for unlicensed copying of goods from designer clothing and music to software and pharmaceuticals.
Beijing has responded to foreign complaints by promising to crack down. It has required computer vendors to pre-load licensed software and prohibited government agencies and state companies from buying pirated versions. Despite that, news reports say Chinese universities and schools were hit hard by WannaCry, suggesting many use pirated software. Railway stations, mail delivery, fuel stations, hospitals, office buildings, shopping malls and government services were also said to be affected.
Adding to the potential for disruption, China has the world’s biggest online population at 730 million.
E-commerce is growing rapidly and other industries are shifting operations online, often using computers running pirated software.
The security environment is “increasingly threatening and damaging”, BSA said in its latest annual report on software piracy. “This link between unlicensed software and cyber risk is one that CIOs (chief information officers) should sit up and pay close attention to,” it said.
In China, sellers of pirated software often make products more vulnerable to hacking by adding “back doors” to gain access to users’ computers, said Mr Zhao. WannaCry still is spreading in China but the rate of new devices being infected “has significantly declined”, the Cyberspace Administration of China said on its website.