There are some very good reasons why you should block file sharing websites. These websites are primarily used to share pirated software, music, films, and TV shows. It would be unlikely for the owner of the copyright to take action against an employer for failing to prevent the illegal sharing of copyrighted material, but this is an unnecessary legal risk.
However, the main risk from using these websites comes from malware. Research conducted by IDC in 2013 showed that out of 533 tests of websites and peer-2-peer file sharing networks, the downloading of pirated software resulted in spyware and tracking cookies being downloaded to users’ computers 78% of the time. More worryingly, Trojans were downloaded with pirated software 36% of the time.
A survey conducted on IT managers and CIOs at the time indicated that malware was installed 15% of the time with the software. IDC determined that overall there was a one in three chance of infecting a machine with malware by using pirated software.
Even visiting torrent sites can be harmful. This week Malwarebytes reported that visitors to The Pirate Bay were served malicious adverts. An advertiser used a pop-under to silently redirect users to a malicious site containing the Magnitude exploit kit which was used to downloaded Cerber ransomware onto users’ devices.
A study conducted by UC San Diego involved testing pirated software downloads using VirusTotal. VirusTotal checks files against the databases of 47 different anti-virus engines. The research team determined that 50% of pirated files were infected with malware.
Dealing with malware from pirated software was determined to take around 1.5 billion hours per year. For businesses the cost can be considerable. IDC calculated the cost to enterprises to be around $114 billion in 2013 alone. And that was just for the clean-up. The cost of data breaches caused by illegal software installations was estimated to be in the order of $350 billion.
Time to Block File Sharing Websites?
Organizations can monitor devices and check for unauthorized software installations on individual devices; however, by the time a software installation has been discovered, malware is likely to already have been installed. A recent report by Verizon suggests that on average, hackers are able to exfiltrate data within 28 minutes of gaining access to a system.
One of the easiest ways to manage risk is to block file sharing websites such as P2P and torrent sites. A web filter can be easily configured to block file sharing websites and prevent them from being accessed. Many web filters can also be configured to block specific file types from being downloaded, such as keygens and other executables.
By blocking file sharing websites organizations can ensure that copyright-violating activities are prevented and malware risk is effectively managed. Furthermore, web filters can be used to block web-borne threats such as phishing websites, compromised webpages, spam and botnets, adware, malware, ransomware, and anonymizers.
The failure to block file sharing websites could turn out to be costly. It is far better to block potentially dangerous websites and online activities than to have to cover the cost of removing malware infections and dealing with data breaches.