Search This Blog

Search Tool

May 15, 2017

China, Adicted to Bootleg Software, Reels From Ransomware AttackNYT | Business Day - May 15, 2017

Paul Mozur

Zhu Huanjie, who is studying network engineering in the city of Hangzhou, blamed a number of ills for the spread of the attack, like the lack of security on school networks. But he said piracy was also a factor. Many users, he said, did not update their software to get the latest safety features because of a fear that their copies would be damaged or locked, while universities offered only older, pirated versions.
“Most of the schools are now all using pirate software, including operation system and professional software,” he said, adding: “In China, the Windows that most people are using is still pirated. This is just the way it is.”
On Monday, some Chinese institutions were still moving to clean out computer systems jammed by the attack, which initially struck on Friday and spread across the world. Prestigious research institutions like Tsinghua University were affected, as were major companies like China Telecom and Hainan Airlines.
China’s securities regulator said it had taken down its network to try to ensure it would not be affected, and the country’s banking regulator warned lenders to be cautious when dealing with the malicious software, which locked users out of their computers and demanded payment to allow them back in.
Police stations and local security offices reported problems on social media, while students at universities reported being locked out of final thesis papers. Electronic payment systems at gas stations run by the state oil giant PetroChina were cut off for much of the weekend. Over all, according to the official state television broadcaster, about 40,000 institutions were hit. Separately, the Chinese security company Qihoo 360 reported that computers at more than 29,000 organizations had been infected.
If those behind the ransomware attack profited from the hacking, they may have figured out how to do something that has been beyond Microsoft: making money from Windows in China. Microsoft and other Western companies have complained for years that a large majority of the computers running their software are using pirated versions.
It is not clear whether every company or institution in China affected by the ransomware was using pirated software. But the huge amount of use in the country makes it likely that universities, local governments and state-run companies have networks that are dependent on unlicensed copies of Windows.
One employee at Hainan Airlines rushed to work from a shopping mall on Sunday after being told by the company’s top ranks that every computer should be patched by that evening. Any employee whose computer was affected after that would be held personally responsible, according to the employee, who asked not to be identified because the person was not authorized to speak on the record about the episode.
Hainan Airlines did not immediately respond to an emailed request for comment.
At China Telecom, one of the country’s three main state-run telecommunications providers, there was a similar scramble over the weekend, according to an employee who also asked not to be identified because the person was not authorized to speak on the matter. When a company-provided software patch did not work, the employee was told to use one from Qihoo 360, which supports pirated and out-of-date versions of Windows, the person said. A spokesman for China Telecom did not immediately respond to a request for comment.
The tradition of using copied software and other media has become embedded in China’s computing culture, according to Thomas Parenty, founder of Archefact Group, which advises companies on cybersecurity. Some people are under the impression that using pirated goods in China is legal, while others are simply not used to paying for software, he said.
Mr. Parenty cited an instance when he was working at the Beijing office of an American client. “It turned out every single one of their computers, all the software, was bootlegged,” he said. “They had every Adobe product and movie you could download. The computers were so overloaded by things that weren’t for work, they had no capacity to do work.”
The twin problems of malware and unwillingness to pay for software are so ingrained that they have led to an entirely alternative type of security company in China. Qihoo 360 built a business model by offering free security programs; it uses advertising to make money.
The issue has led to political battles between Microsoft and the Chinese government.
In a bid to get more organizations in China to pay for its software, Microsoft, which is based in Redmond, Wash., has tried all manner of approaches. The company has tried education and outreach. It has also stopped distributing Windows on discs, which are easy to copy.
One effort in 2014 put it at loggerheads with Beijing.
At that time, Microsoft cut off support for Windows XP, an operating system that was about 14 years old but that was still widely used by the government and by Chinese companies. But instead of upgrading, many in China complained that the move showed that the country still relied on decisions made by foreign companies. An article by the official news agency Xinhua said that such corporate behavior could be considered anticompetitive. Microsoft later agreed to offer free upgrades and reached a deal with a state-run company that often works for the military to develop a version that catered to China.
The Chinese government has been less focused on the issues of software piracy than on building local alternatives to Microsoft. After leaks by the former intelligence contractor Edward J. Snowden about American hacking attacks aimed at monitoring China’s military buildup, leaders in Beijing accelerated a push to develop Chinese-branded software and hardware that would be harder to breach.
For the time being, however, much of China relies on Windows. And for all of the impact of the weekend’s cyberattack, Mr. Parenty said he did not think that there would be a big effect on attitudes toward pirated software.
“The only way I see this changing things is if the central government decides there is a risk to critical infrastructure from this threat and force people to buy legitimate software,,” he said. “But I don’t see that happening right now.”
“It certainly wouldn’t be Microsoft though,” he added, referring to a possible alternative. “It would be some Chinese customized Linux distribution so that the money doesn’t go overseas.”