More pirated software leads to more malware infections, poorer countries at more risk

I decided to take a look at the relationship between the rate of software piracy and the rate of malware infections.  If you pirate your software, are you more at risk of getting infected with malware?  It sounds plausible so I decided to investigate.

First, I downloaded a copy of the 2011 BSA Global Software Piracy Study.  Then I went to Microsoft’s latest Security Intelligence Report (SIR), volume 12, and looked at the Worldwide Threat Assessment.  In the SIR, Microsoft has a measurement that it calls CCM, or Computers Cleaned per Thousand executions of the Malicious Software Removal Tool.  They also include some telemetry from the Microsoft Security Essentials software.  One execution/removal of the MSRT corresponds to a malware infection.

I took the data from the piracy study and checked it against Microsoft’s malware data from the 4th quarter of 2011 and then plotted them in a scatter plot.  I tossed out the countries for which I had no data for one or both data points, and also excluded one outlier (China – Microsoft’s data on China is too low to be credible).  Below is the result:


There is a positive correlation (and statistically significant) of 0.498 between the rate of software piracy in a country and the detected rate of malware infection/cleanups.  I classify this relationship as medium strength*.

Conclusion: Pirated software increases your chances of malware infection.

Okay, so using pirated software is risky. But who buys pirated software?  Is it people in the developed world?  Or people in the developing world?  Do wealthier countries buy their software more often?

To determine this, I used GDP per capita that is published in the World Economic Outlook database, maintained by the International Monetary Fund.  I adjusted for the outliers, again discarding China (malware infections far too low), and Qatar and Luxembourg (GDP per capita too high).  I then plotted rate of piracy vs. GDP per capita, below is the result:


In the above, the regression line is statistically significant (a strong correlation) and it slopes downward, indicating an inverse relationship GDP per capital and the rate of software piracy.  Or, to put it another way:

Users in poorer countries have higher rates of piracy than users in wealthier countries.

Finally, I decided to check the rate of malware infection against GDP per capita.  We know that users in poor countries pirate software more often, and pirated software is more at risk than legitimate software.  To calculate this, I combined the three datasets above to come up with the following chart, once again adjusting for China, Qatar and Luxembourg:


The trend line in this chart is the same as the trend line in the previous chart, but the correlation is only medium strength. But the result is the same:

Users in poorer countries have higher rates of malware infection than users in wealthier countries.

The above analysis confirms what I suspected – acquiring software illegitimately increases your risk of malware infection, and users in the developing world (as defined by International Monetary Fund) are more at risk.

* In this analysis, I use the following categories:

correlation < 0.10 = No statistically significant relationship
0.10 ≤ correlation < 0.30 = Weak correlation
0.30 ≤ correlation < 0.60 = Medium strength correlation
0.60 ≤ correlation ≤ 1.00 = Strong correlation

Comments (1)

  1. toni says:

    Wow, great use of stats to develop some interesting conclusions. Really like the article.