Security-conscious systems administrators have another potential threat to worry about if emboldened users increase their use of movie-download sites in the wake of a decision to stop pursuing 4736 Australians alleged to have downloaded the movie Dallas Buyers' Club (DBC) using BitTorrent.
Commercial rights holders for the Oscar-winning film launched legal action in late 2014 to force six ISPs to hand over the personal details of thousands of their customers, whom DBC accused of downloading the film online. After a series of decisions in the closely-watched case went against DBC – which was, many feared, trying to use 'speculative invoicing' practices to extract sizeable settlements from accused downloaders – this week saw the passing of a court-set deadline by which DBC would have had to continue its action.
The movie industry's next steps remain to be seen, but in the short term security administrators may want to be particularly aware of users that may see the decision as an opportunity to resume extensive use of BitTorrent Web sites.
Such sites have a spotty reputation when it comes to security, with malicious advertisements rife and some sites employing manipulative tricks such as fake Download buttons to get users to download malware and unwanted software. Sites such as the popular Kickass Torrents have had to take action against malware after being flagged as unsafe by Google on at least two occasions in recent months.
The site stepped up its malware-detection work, but its travails reflect the fact that malicious code has become so prevalent on the Web that Google this week announced that it would stop taking Flash display advertisements as of July.
BitTorrent itself has also been linked with a number of security concerns, with a vulnerability last year discovered that allowed BitTorrent clients to be abused to amplify distributed denial of service (DDoS) attacks. Last March, an update to the popular µTorrent application began loading cryptocurrency mining tools that devoured system resources. More recently, a bug in some VPN services – often used to hide the identities of BitTorrent users – was found to allow their identities to be compromised.
BitTorrent has also been pushing into the online file-sharing market, potentially causing headaches for administrators whose users decide to embrace the company's Sync application – which was reverse-engineered in late 2014 and found to have several security issues – in lieu of conventional options such as Dropbox and Box.
This has implications on the ability to control corporate documents throughout their lifecycle – already a significant challenge for most companies. A recent study, for example, found that 23 percent of documents shared through cloud-storage apps are made available to the public.
Australians have long been recognised as the world's heaviest users of illegal download sites, with one Nielsen survey finding that more than 2.5m Australians visited The Pirate Bay and Kickass Torrents in May 2014 alone.Read more: How the security and operations gap is threatening your business