Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Get HideMyAss! VPN, PC Mag's Top 10 VPNs of 2016 for 55% off for a Limited Time ×
Security

Submission + - The Economics of Targeted Attacks (threatpost.com)

Trailrunner7 writes: Researchers and security vendors have been telling us for years now that attackers have developed sophisticated, targeted attacks designed to separate victims from their money as quickly and cleanly as possible. If that's so, why aren't all of us being compromised on a regular basis? A researcher from Microsoft Research posited at the WEIS 2010 workshop Tuesday that the answer is simple economics.

The amount of time and money it takes to send out 10 million phishing emails versus five million emails is negligible once the attacker has his infrastructure in place. As a result, these attacks are still quite prevalent, despite their diminishing economic return. But even with relatively low returns per attack, these kinds of scalable attacks yield a high profit for professionals, said Cormac Herley of Microsoft Research."Non-scalable attacks have to be selective attacks. Every attack costs you something," Herley said. "If the non-scalable attacks can't match the return of the scalable attacks, she should change tactics. At equal costs, she needs a way better yield. But competing on yield makes no sense because when she extracts the same value per victim, there's too much effort."

This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

The Economics of Targeted Attacks

Comments Filter:

The earth is like a tiny grain of sand, only much, much heavier.

Working...