Originally published January 2018
China's reputation for its flagrant use of pirated software is well established throughout the world. According to a 2017 US News article, over 70 percent of computers in China run unlicensed versions of common software. This is the highest level of use of pirated software among large countries, with comparable rates for the U.S., Japan, Germany, Britain and other large economies ranging between 18 and 22 percent. This leaves millions of Chinese businesses and other organizations vulnerable when an attack comes. This is because computers running pirated or unlicensed copies of software lack the most updated security support available when malware or ransomware is used to attack a personal, business, or institution's computer(s) or computer network. In addition, the instances in which pirated software is passed off as a certain software program is well over 50 percent, so you or your business could find yourself paying for counterfeit software and receiving literally nothing in return.
Paying for an official licensed version of the software that your business uses in China is absolutely essential. Although pirated software (which often can be found for free) often is cheaper than purchasing an official licensed copy from the manufacturer or a third party dealer, doing so presents tremendous risks for every business with operations in China.
What Are the Risks of Using Pirated Software?
- Not getting updates
By buying Windows directly from Microsoft or a third party retailer, you are buying certain rights under the license that Windows grants each of its users. These include the ability to access periodic safety patches as Microsoft engineers or other software users discover vulnerabilities that could be exploited by hackers. As the software's manufacturer or owner discovers such security vulnerabilities, its developers then produce "patches," or software updates, to close the loopholes that have been discovered. These patches are made available to all registered users of Windows. However, if you are not in possession of a properly licensed version of Windows because you purchased a pirated version of the software that cannot be licensed, you cannot register your pirated version with the manufacturer. Therefore, as various patches are developed, you do not gain the same protections and updates as the other users of the same software who have purchased the properly licensed version.
- Exposed to Malware and Ransomware
Pirated software often contains malware or ransomware. A malware is software written specifically to harm and infect the host system. Malware includes viruses along with other types of software such as trojan horses, worms, spyware, and adware. Ransomware is a type of malicious software that a hacker plants on the victim's computer that gives the hacker access to all data on the computer as well as the ability to control access to the computer remotely. The hacker then will typically threaten to publish the data on the victim's computer or computer system and publish that data on the Internet or block access to the infected computer or network unless a ransom is paid.
A report from the New York Times found that more than 40,000 institutions in China using Windows-based computers were affected by the WannaCry ransomware in 2017. Microsoft had issued a security patch in March 2017 that was available to users of all licensed versions of the operating system that protected against the Windows flaw that the WannaCry bug exploited several months later. Licensed copies of the Microsoft Windows operating system were protected (at least partially) by that same patch, which was not available for download by those using pirated or unlicensed versions of the Windows operating system.
- Legal Risks
If the software you are using is protected by a valid Chinese patent, then both the vendor that sold you or your business the software in addition to anyone who uses the software could be held liable for violating the patent under Chinese law. To borrow the Windows example from above, in addition to anyone who uses the software could be held liable for violating the patent held by Microsoft by attempting to utilize an unlicensed version of the product.
Further, a business that chooses to use a pirated software is often risking a lawsuit by the software developer, which can result in serious fines or damages if the user of the pirated software is sued in a Chinese court by the developer. As far back as 2010, Microsoft won its first court battle against a large business using a pirated version of Windows, Shanghai-based Dazhong Insurance, which resulted in an award of $318,000 (2.17 million yuan) for Microsoft. This was far from the first time Microsoft had pursued a user of pirated software, as China Daily pointed out in regard to a 2009 lawsuit Microsoft filed against one of the largest custom personal computer dealers in Beijing, Beijing Strongwell Technology & Development Co. That case, filed by Microsoft in Beijing No 1 Intermediate People's Court, alleged that Beijing Strongwell had installed pirated versions of Microsoft operating systems and software on computers the company then sold to users. The court awarded Microsoft 461,409 yuan ($67,546) in compensation.
Lawsuits are not the only risks that come with the use of pirated software. In July 2008, Microsoft filed a complaint with the Chinese government against the author of a highly popular, pirated version of Microsoft Windows XP. The man was later arrested in August 2008. However, pirating software is not simply an offense that can result in arrest, but also prison time and long prison sentences. Notorious counterfeiter Shang Yajun was sentenced to seven years and six months imprisonment in 2012 for copyright infringement and the sale of illegally manufactured registered trademarks according to a report from ZDNet. Although these arrests and prison sentences were handed out to the authors of pirated software rather than those who used pirated software, Chinese criminal law permits those who use pirated software to be criminally prosecuted. Although Chinese authorities have not put as much emphasis on pursuing cases against those who simply use pirated software as opposed to those who pirate the software and then sell it, that risk nevertheless remains for individuals who choose to use pirated software in the PRC.
- Reputational Risks
The last, and perhaps most important aspect of utilizing pirated software in China is the reputational risk a business runs in either downloading or purchasing and then using pirated business software. Even worse, if the pirated software contains ransomware, then a company could find its customers leaving the company in droves if their sensitive information is posted online by a hacker, unwilling to bargain before exploiting the data that the ransomware gives the hacker access to. The results of such a hack can be catastrophic. For example, the WannaCry attack caused effects in 99 countries worldwide, including causing Bank of China ATMs not to function in China, and causing Chinese traffic police, immigration authorities and various public security bureaus and schools to suspend work until the malware threat was resolved. Far from simply being out of commission for the time it takes to clean up the mess left by a ransomware attack, an entire business can go under if its customers lose their confidence in it. A virus like the recent WannaCry ransomware, which cut off electronic payment systems at gas stations run by the state oil giant PetroChina for multiple days, is exactly the type of attack that could drive a Chinese business into a cash flow crunch that could quickly spiral out of control for the affected company.
Conclusion: Pay for Licensed Software When Doing Business in China, Even if It Costs You or Your Business Additional Renminbi
Even if it means your business needs to pay more for its software than you would like, using legitimate, non-pirated software is essential when doing business in China. The risks, be they reputational, legal, financial or otherwise, such as the exposure to viruses and hackers are simply are not worth saving a few renminbi to buy a pirated business software. Therefore, if your business is in the market for a certain type of software, ignore the impulse to save a bit by buying a licensed version of whichever software you are considering, no matter how much you could save by buying a pirated version. The risks of buying a pirated version are simply too great. A ransomware attack like the WannaCry attack could cripple your company and do serious damage to your business, simply because you decided to save a little money by purchasing a pirated version of software. The costs of cleaning up a potential mess from ransomware are much less than the amount a licensed, legitimate copy of software will cost you when compared with what an attack like WannaCry could cause your business operationally, financially and legally. In addition, regular checks of your business's computers to ensure that employees have not downloaded pirated software onto their work computers will also ensure that the business cannot be held responsible for copyright or trademark infringement if its employees are utilizing pirated software.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.