Earlier today, at the Black Hat USA security conference in Las Vegas, U.K.-based security vendor Sophos Ltd. published a new white paper about an insidiously slick and effective “ransomware-as-a-service” (RaaS) kit named Philadelphia. Here’s an inside look at that underworld product offering and preview of the threat landscape ahead based on a recent conversation with Dan Schiappa, senior vice president and general manager of the end user and network security group at Sophos.
First the bad news: according to Schiappa, cheap, simple, readymade exploits like Philadelphia will combine with strong profits and proliferating targets to keep ransomware purveyors in the headlines for many years to come.
“That’s a multi-, multi-hundred-million-dollar a year business that’s not going anywhere,” he says. “No matter what kind of technology the industry provides to make it difficult for them, they’ll find low hanging fruit and find ways to get in.”
Now the good news, at least as far as RaaS is concerned: precisely because they’re so simple to find and buy, kits like Philadelphia are also somewhat simpler to prepare for.
“It becomes a little bit easier to build defenses against it, versus somebody kind of fiddling in a lab that nobody knows about,” Schiappa says.
Furthermore, attention-grabbing incidents like the recent WannaCry pandemic finally have even penny-pinching, head-in-the-sand business owners ready to talk about—and spend on—security technology.
“It’s just a great opportunity for the channel to get out there and have that conversation with their customers,” Schiappa says.
More Galleries like This
Looking for an uncrackable password? Here are ways to create the best password possible—and actually remember it.
The security vendor foresees less ransomware, more business email compromise scams, and a dangerous increase in attacks on industrial infrastructure control systems.
The managed services software maker plans to build Internet of Things functionality and data-driven automation into its solutions, and to create a new offering for break-fix providers.
What the future holds for Avnet resellers, new online pricing and ordering programs, and new security partnerships were among the topics Tech Data executives discussed with ChannelPro last week.