The National Cyber Security Agency (NCSA) says it identified data leaks comprising 5 million usernames and passwords this year in Thailand, an astronomical spike from just 80,000 last year, attributed to the use of pirated software by individuals and organisations.
The use of illegal software exposes organisations and individuals to cyber-attacks and the theft of individual digital currency accounts, the agency said.
It warned against installing pirated software on employees’ personal computers or devices used within organisations.
Organisations should also adopt certified open-source software or apply multi-factor authentication (MFA) when logging in to all IT systems, said AVM Amorn Chomchoey, secretary-general of the agency.
MFA is a multiple-step account login process, requiring users to enter more information than just a password to access an account or application. It is meant to make it more difficult for unauthorised individuals to gain access to others’ accounts.
The investigation by the Thailand Computer Emergency Response Team found many people are using pirated software, which is considered a gateway for cyberthreats against individuals and organisations.
The main cause of cyber-attacks in many organisations often starts with the installation of pirated software on employees’ personal computers or devices, said AVM Amorn.
Those devices often contain important data, channels to access the organisation’s internal systems, or usernames/passwords to access these systems.
He said 187 million usernames and passwords have been leaked worldwide so far this year.
When malware accesses these credentials, hackers can use them to access an organisation’s internal systems without triggering warnings from attack detection systems, because the hackers use trusted user accounts.
Hackers can continue to access important work systems, leading to data leaks, or the internal systems may face a ransomware attack. This also resulted in the theft of cryptocurrencies from individual accounts.
“Many forms of malware are hidden in pirated software. A common cyberthreat is phishing,” said AVM Amorn.
At an organisational level, ransomware often infiltrates computers and locks all files so they cannot be opened. Then criminals send messages to threaten the victims and demand a ransom.
Cryptojacking incidents were also recorded, in which criminals secretly use a victim’s computer or mobile phone to mine cryptocurrency, causing the device to work slowly because it is being used for a heavy workload all the time.
He said organisations must train employees to understand the risks of using pirated software and fraudulent links.
Using pirated software violates the Copyright Act.
Organisations that cause a leak of personal data are considered to be breaching the Personal Data Protection Act, resulting in payment of compensation for damages to the data owner, said AVM Amorn.
Even if the pirated software is removed, the system may still have vulnerabilities or malware that cannot be easily detected, he said, which makes avoiding pirated software the safest and most sustainable choice.