Content Cafe


Piracy websites: A high-risk business

by Don Groves

Australians who visit piracy websites face a far greater risk of unwittingly downloading malicious software or being exposed to scams and advertising for sex and gambling than those in many other countries.

Just 1% of the advertising on rogue websites accessed from Australia is from mainstream businesses, according to research conducted by Professor Paul Watters for New Zealand’s Massey University.

That means 99% is categorised as high-risk. Computer security experts warn that most forms of anti-virus software are ineffective because perpetrators continually devise programs to circumvent it and they are far more advanced than law enforcement’s capabilities.

Dr Watters’ report – High Risk Advertising Research – showed 89% of ads on rogue sites in Canada to be high-risk, compared with 90% in Singapore, 92% in Malaysia and 96% in New Zealand and Hong Kong.

In Australia 46% of high-risk ads were categorised as malware, the umbrella term for a host of malicious programs including computer viruses, worms, Trojan Horses, ransomware, spyware, adware and scareware. Ads for the sex industry accounted for 20%, scams 15%, downloading sites 16% and gambling 3%.

“Ads on piracy sites provide a gateway for young, impressionable children to access porn and gambling,” says Dr Watters, CEO of Cyber Inc., an Australian not-for-profit and former Research Director of the Internet Commerce Security Laboratory (ICSL) at the University of Ballarat and Adjunct Professor at Unitec Institute of Technology, home of New Zealand’s first cyber security research centre.

“We need to raise awareness among parents and politicians about what kids are viewing. Social impact research may carry more weight than economic arguments.”

The fastest-growing online menace is ransomware – malware that fully encrypts the user’s files or posts messages demanding they pay a fine for downloading copyrighted media or pornography. Consumers are then forced to negotiate with the attacker to pay a ransom to regain access to their computer and files.

A 2015 Australian Cyber Security Centre survey showed 72% of businesses surveyed experienced ransomware incidents in 2015, up from just 17% in 2013- but individuals are also vulnerable. One disturbing example involves a Melbourne man named Matt who was sent an email which showed him masturbating after his computer had been hacked and he was filmed through the webcam.

According to ABC Triple J program Hack Matt then received an email demanding money or the footage would be sent to his Facebook friends and work colleagues. After he refused, the hackers sent him a screenshot of his Facebook friends, personal details from his website and a demand for $10,000. He began negotiating, bartered them down to $3,000, then changed his mind and bravely alerted his Facebook friends he had been hacked and why. He heard nothing more from the hackers.

The radio program quoted one security software company’s estimate that there were more than 200,000 ransomware attacks in Australia in April-May. Another reckoned there were one million instances of a single kind of ransomware (CryptoLocker) in Australia last October.

Cyber security expert Philip Seltsikas, an Associate Professor at The University of Sydney Business School, told Triple J program there is no sure way of defending against ransomware: There’s a lot more people [affected] than we know because there could be hackers in big centres watching video streams just waiting for something to happen. All of our computers might currently be infected. If you are worried you should clean the computer, wipe the hard disk and reinstall the operating system.”

In another scam, Internet service providers in Australia, the US and UK have been sent emails purporting to come from HBO alleging customers had illegally downloaded Game of Thrones. The emails demand a financial settlement within 72 hours under threat of legal action (see original article here).

These scams mostly originate overseas in places such as Nigeria and Eastern Europe, so it is tough if not impossible to detect and prosecute these criminals.

“Yes, it is very hard to prosecute scammers and phishers who operate offshore,” Dr Watters says. Australia has made some progress through international conventions such as signing the European Convention on Cybercrime.”

“I think international co-operation is critical. In Eastern Europe, the crooks pay taxes and bribes, so we need to find another way to incentivise governments and law enforcement to take the problem seriously. In Australia, there were quite a few arrests around phishing in the 2000s, but things do seem to have slowed in recent years. I guess the police have to prioritise some areas ahead of others, and if they perceive that most of the criminals are offshore, and an arrest is unlikely, these cases may not get much resourcing.”

From his research, Dr Watters was alarmed to find many mainstream brands in the Asia Pacific region are advertising on infringing sites. He contacted a number of advertisers to ask if they are engaging directly with ad networks or distributing via resale programs. The sobering result: “In some countries there has been a complete lack of interest. I would have thought that their brands were worth protecting, but no doubt the number of eyeballs is their primary concern. I’m thinking of using Twitter for a bit of public naming and shaming.

“That said, I did have a household name company contact me recently and ask for the evidence and metadata for their ads appearing on a piracy site. They went back to their vendor and demanded a refund, as they had not authorised their brand to be used.”

Site-blocking is an effective counter to high-risk ads, so it will be interesting to see what happens when the Federal Court issues its decisions on applications by Foxtel and a coalition of major film studios led by Village Roadshow seeking orders to oblige ISPs to take down some of the most flagrant copyright-infringing sites.

Among the other risks, spyware is programming that secretly gathers information about the user and relays it to advertisers or other interested parties. It is often installed without the user’s consent or by clicking an option in a deceptive pop-up window.

Scareware tricks users into visiting malware-infested websites via pop-ups which may appear to be legitimate warnings from anti-virus software companies. They claim a computer’s files have been infected and demand a fee to purchase software that supposedly will fix the problem.

Dr Watters advises: “Obviously people should avoid piracy sites because they are a major source of infections. Consider using ad-blocking technology if you don’t know or trust websites.”

Individuals are not the only targets of malware, spyware and ransomware programming, with small businesses squarely in scammers’ sights.

The Australian Competition and Consumer Commission received more than 7,600 enquiries and complaints from small business in the first half of 2016, with ransomware scams leading the list of the biggest problems for that sector.

Last month, an ACCC report highlighted $1.6 million in losses reported by small businesses in Australia from scam activities.