There are valid reasons why you should block file sharing websites in the workplace. These websites are mainly used to share pirated software, music, films, and TV shows. It would be improbable that the owner of the copyright would take action against an employer for failing to stop the illegal sharing of copyrighted material, but this is an unnecessary legal danger and there is currently a crackdown on illegal file sharing.
The main risk from using these websites comes in the form of malware. There is limited data on malware downloads from pirated software, although data from a study in 2013 highlight how common it is. The study as conducted by IDC on 533 websites and peer-2-peer file sharing networks, the downloading of pirated software led to spyware and tracking cookies being downloaded to users’ computers 78% of the time. More concerning is the fact that Trojans were downloaded with pirated software 36% of the time.
A survey carried out on IT managers and CIOs at the time showed that malware was downloaded 15% of the time with the software. IDC found that overall there was a 33.3% chance of infecting a machine with malware by using pirated software.
Even browsing on torrent sites can be harmful. Malwarebytes has reported users of the popular torrent site The Pirate Bay were shown malicious adverts. An advertiser used a pop-under to silently redirect users to a malicious site that had the Magnitude exploit kit which was used to install Cerber ransomware onto users’ devices.
A study completed by UC San Diego involved testing pirated software downloads using VirusTotal. VirusTotal reviews files against the databases of 68 different anti-virus services. The research team found that 50% of pirated files were infected with malware.
Dealing with malware from pirated software was found to take around 1.5 billion hours per year. For companies the cost can be considerable. IDC estimated the cost to enterprises to be around $114 billion in 2013 alone. And that was just for the clean-up. The cost of data breaches caused by illegal software installations was calculated at around $350 billion.
New malware variants are often discovered in pirated software and fake software available through P2P file sharing websites. In 2021, NordLocker identified a previously unknown malware variant that was being distributed in pirated video games and software such as Adobe Photoshop. The malware was not detected for 2 years, during which time it had infected more than 3.2 million computers.
Businesses can monitor devices and check for unauthorized software downloads on individual devices; however, by the time a software installation has been identified, malware is likely to already have been downloaded. A recent report by Verizon indicates that on average, hackers are able to extract data within 28 minutes of obtaining access to a system.
One of the simplest ways to manage risk is to block file sharing websites including P2P and torrent sites. A web filter can be easily set up to block file sharing websites and stop them from being accessed. Many web filters can also be set up to block specific file types from being installed, including keygens and other executables.
If organizations block file sharing websites in the workplace they will ensure that copyright-violating activities are stopped and and the risk of malware downloads is effectively mitigated and users are prevented from visiting websites hosting phishing kits.
Choosing not to block file sharing websites in the workplace could turn out to be expensive for a company. It is far better to block possibly dangerous websites and online activities than to have to cover the cost of removing malware infections and remediating data breaches.