Forgot your password?
typodupeerror
Security

+ - The Economics of Targeted Attacks->

Submitted by Trailrunner7
Trailrunner7 (1100399) writes "Researchers and security vendors have been telling us for years now that attackers have developed sophisticated, targeted attacks designed to separate victims from their money as quickly and cleanly as possible. If that's so, why aren't all of us being compromised on a regular basis? A researcher from Microsoft Research posited at the WEIS 2010 workshop Tuesday that the answer is simple economics.

The amount of time and money it takes to send out 10 million phishing emails versus five million emails is negligible once the attacker has his infrastructure in place. As a result, these attacks are still quite prevalent, despite their diminishing economic return. But even with relatively low returns per attack, these kinds of scalable attacks yield a high profit for professionals, said Cormac Herley of Microsoft Research."Non-scalable attacks have to be selective attacks. Every attack costs you something," Herley said. "If the non-scalable attacks can't match the return of the scalable attacks, she should change tactics. At equal costs, she needs a way better yield. But competing on yield makes no sense because when she extracts the same value per victim, there's too much effort.""

Link to Original Source
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

The Economics of Targeted Attacks

Comments Filter:

The devil finds work for idle circuits to do.

Working...