In the event of a crisis, 12 percent of medium-sized companies in Germany would consider using pirated business software to reduce IT expenditure. This was the result of a recent Kaspersky survey . However, pirated software can seriously compromise corporate cybersecurity, as attackers actively distribute malicious files under the guise of the most commonly used software.
According to Kaspersky Security Network (KSN), from January to August 2022, 9,685 users  worldwide were affected by malware and unwanted software masquerading as popular apps for SMBs. In total, Kaspersky experts identified 4,525 different malicious or unwanted files that were distributed via unofficially offered (including pirated) SMB-related software.
The current study by Kaspersky shows which measures decision-makers in SMEs expect to save in the event of a crisis. Four out of ten SMEs in Germany (40 percent) are looking for cheaper providers to save costs; one third (31 percent), on the other hand, are considering the use of freely available software alternatives.
However, measures are also being considered that may have a negative impact on the companies’ cyber security. For example, twelve per cent of the decision-makers surveyed in German SMEs want to replace their current business software with pirated copies in order to save on the cost of doing so. Most often, SMEs in Germany would replace software for project management (42 per cent), payment processing (42 per cent) and human resources (42 per cent) with pirated software. What is particularly alarming, however, is that one in three companies (33 per cent) would even consider using unofficial security software, thus accepting an enormous risk.
“Scarce resources are nothing new for small and medium-sized enterprises. But the use of pirated and hacked software must not be considered as a solution under any circumstances. Because by doing so, any company would be putting its security, reputation and source of income at risk,” says Waldemar Bergstreiser, Head of B2B Germany at Kaspersky. “Pirated copies of software usually contain Trojans and mining software and for that no updates and patches from the manufacturers that eliminate vulnerabilities that cybercriminals can exploit. Therefore, officially offered free alternatives are a far better solution for those who need to save on IT.”
Kaspersky recommendation for cost-efficient and secure IT
All employees should only have access to standard accounts without administrator rights. This avoids Trojans being installed instead of just the software.
There is free security software that is usually less functional but still useful. To select a suitable programme, independent test results  should be consulted and the download should always be made directly from the manufacturer.
To avoid paying a hidden miner electricity bill, the efficiency of all devices should be checked regularly. If this decreases or devices become hot or noisy although they are not currently being used by anyone, this could be an indication of such malware. Security solutions such as Kaspersky Small Office Security  detect malicious and also unwanted software.
Immediately install updates for operating systems, security software, browsers and all other programmes used by employees.
Regularly create backups of all important files in the cloud and on alternative hardware that will restore data in the event of a ransomware attack. Security software with a recovery function, such as Kaspersky Endpoint Security Cloud , can undo harmful activities in the operating system and protects against cryptolockers.
Further practical recommendations for cost-efficient protection can be found in the Kaspersky blog “Cybersecurity on a Budget”: https://www.kaspersky.com/blog/budget-cybersecurity/.
More on the situation of small and medium-sized enterprises in times of crisis is explained in the current Kaspersky SMB Cyber Resilience Report: https://www.kaspersky.com/blog/smb-cyber-resilience-report-2022/
 The data used by KSN was provided by Kaspersky users on a voluntary and anonymous basis in the period from 1 January to 30 August 2022.
Kaspersky SMB Cyber Resilience Report: https://www.kaspersky.com/blog/smb-cyber-resilience-report-2022/
Kaspersky tips “Cybersecurity on a Budget”: https://www.kaspersky.com/blog/budget-cybersecurity/
Kaspersky information on independent tests and awards: https://www.kaspersky.de/blog/kaspersky-awards-2020/26424/
Kaspersky Small Office Security: https://www.kaspersky.de/small-business-security/small-office-security
Kaspersky Endpoint Security Cloud: https://www.kaspersky.de/small-to-medium-business-security/cloud