Earlier today, at the Black Hat USA security conference in Las Vegas, U.K.-based security vendor Sophos Ltd. published a new white paper about an insidiously slick and effective “ransomware-as-a-service” (RaaS) kit named Philadelphia. Here’s an inside look at that underworld product offering and preview of the threat landscape ahead based on a recent conversation with Dan Schiappa, senior vice president and general manager of the end user and network security group at Sophos.
First the bad news: according to Schiappa, cheap, simple, readymade exploits like Philadelphia will combine with strong profits and proliferating targets to keep ransomware purveyors in the headlines for many years to come.
“That’s a multi-, multi-hundred-million-dollar a year business that’s not going anywhere,” he says. “No matter what kind of technology the industry provides to make it difficult for them, they’ll find low hanging fruit and find ways to get in.”
Now the good news, at least as far as RaaS is concerned: precisely because they’re so simple to find and buy, kits like Philadelphia are also somewhat simpler to prepare for.
“It becomes a little bit easier to build defenses against it, versus somebody kind of fiddling in a lab that nobody knows about,” Schiappa says.
Furthermore, attention-grabbing incidents like the recent WannaCry pandemic finally have even penny-pinching, head-in-the-sand business owners ready to talk about—and spend on—security technology.
“It’s just a great opportunity for the channel to get out there and have that conversation with their customers,” Schiappa says.
More Galleries like This
In early announcements made at the start of this year’s Black Hat USA security conference, Webroot has launched a new certification program, Fortinet has unveiled a threat intelligence service, and NETSCOUT has integrated two advanced threat products.
The distributor plans to introduce self-serve quoting and integration tools this year and will unify its existing e-commerce systems with those it acquired through its purchase of Avnet Technology Solutions.
As leaders of CompTIA’s IT security community made clear last week at the technology association’s Annual Member Meeting, the security threat landscape has never been graver—or more potentially profitable—for channel pros.
New studies from Trend Micro and Thales suggest healthcare providers are vulnerable to attack and investing more heavily in security as a result.
Vendors are rolling out new solutions left and right this week at the U.S. edition of RSA’s annual security show. Here are 6 that caught ChannelPro’s eye.