Cisco Finds $34 Million Ransomware Industry (networkworld.com) 18
Ransomware is "generating huge profits," says Cisco. Slashdot reader coondoggie shares this report from Network World:
Enterprise-targeting cyber enemies are deploying vast amounts of potent ransomware to generate revenue and huge profits -- nearly $34 million annually, according to Cisco's Mid-Year Cybersecurity Report out this week. Ransomware, Cisco wrote, has become a particularly effective moneymaker, and enterprise users appear to be the preferred target.
Many of the victims were slow to patch their systems, according to the article. One study of Cisco devices running on fundamental infrastructure discovered that 23% had vulnerabilities dating back to 2011, and 16% even had vulnerabilities dating back to 2009. Popular attack vectors included vulnerabilities in JBoss and Adobe Flash, which was responsible for 80% of the successful attacks for one exploit kit. The article also reports that attackers are now hiding their activities better using HTTPS and TLS, with some even using a variant of Tor.
Many of the victims were slow to patch their systems, according to the article. One study of Cisco devices running on fundamental infrastructure discovered that 23% had vulnerabilities dating back to 2011, and 16% even had vulnerabilities dating back to 2009. Popular attack vectors included vulnerabilities in JBoss and Adobe Flash, which was responsible for 80% of the successful attacks for one exploit kit. The article also reports that attackers are now hiding their activities better using HTTPS and TLS, with some even using a variant of Tor.
backups (Score:2)
Re: (Score:2)
1. Develop networking infrastructure full of security holes even though huge profits could be ploughed into auditing.
2. Wait for vulnerabilities to be exploited.
3. Report on vulnerability findings.
4. Tell buyers that they will need to pay for a cripplingly expensive support contract to receive updates.
5. Goto 1 until people wake the fuck up. (optimized: Goto 1.)
You're overthinking this. You don't even need any outside actors to do the vulnerability development and exploitation:
1. "Sell" product to customer
2. Send in audit team
3. Announce that the customer is not in compliance with their license
4. Extract $$$ from customer to become compliant
5. Goto 2.
Re: (Score:2)
"1. "Sell" product to customer
2. Send in audit team
3. Announce that the customer is not in compliance with their license
4. Extract $$$ from customer to become compliant
5. Goto 2."
I think we used to refer to step 2 as the Business Software Alliance, who somehow had police SWAT at their beck & call
Re: How the ransom works (Score:1)
I once worked for a guy who had been the CEO of the BSA for a while, and his response to my questioning why we didn't pay for all of the MS seats we actually used was, "BSA can't do jack shit, it's just threats and negotiation. As long as we buy the minimum to get the volume license agreement, we're good." I shrugged, he smiled, and that was that.
Re: (Score:2)
Currently that is very close to the Polycom Scam...
Buy Polycom Video Conference device.
Wait 3 years and need an update to fix a security hole Polycom had in their software.
Pay EXTORTION FEES of 4 years of Support contract to access that download. The current year and the previous 3 years.
Pray they dont alter the deal any further, and kiss the ring of Polycom Don.
Cisco and other big companies like them need to have their executives punched in the taint.
Re: (Score:2)
Both Microsoft and Oracle are well known for audits. I'm sure there are a lot of other big name companies that do the same.
Re: (Score:2)
Add Adobe, AutoDesk, Microsoft, Oracle, SAP, IBM, McAfee, Symantec, and VMware to that list.
They're all on the 'software companies most likely to audit you' list.
And for these organizations, Audits are an increasingly important source of revenue.
So most of them are expanding audits, and switching products towards a cloud model; either way, to
force customers to pay an additional periodic revenue stream..... especially MS.
Comment removed (Score:3, Insightful)
Re: (Score:2)
Microsoft facilitates $34mil ransomware Industry (Score:2)
$34 million? (Score:3)
I'd be surprised if it was only $34 million.
Unless they counted every type of ransomware and every instance of payment, my guess is they're missing quite a bit of the actual revenue generated.
Re: (Score:2)
Crime does generally not pay well, and the same is true for computer-crime. As Cisco wants to display the problem as being as serious as possible (to scare people into buying their stuff), the number give is likely already significantly too high.
Since when is that a "huge" profit? (Score:2)
I think Cisco wants to increase their own profits (which are a bit larger, by a factor of 1000 or so) by scaring as many people as possible. Despicable.