Price Gouging Hacking Victims
by Brent Kirkpatrick
(Date Published: 5/10/2018.)
Getting hacked is expensive, particularly when valuable data is stolen. The cost of a cyberattack is correlated with the value of the information that is stolen. Consider an organization that has a database of credit information. Each record in the database is worth a certain amount on the black market, because fraudsters can make money from the information. The cost of this organization being hacked is related to the value of the information that is stolen, because someone winds up paying the fraudsters. When the organization is hacked, people who were defrauded, as a result, often try to recover damages by suing.
Not only is there a legal cost to being hacked, but also the organization that pays for digital forensics is subsidizing everyone else's security. Take for example a company that is hacked and that wants to identify the hackers. In order to identify the hackers they pay for digital forensics. The forensics investigators discover a zero-day vulnerability and issue a security bug report to the affected software company. The software company then produces a security patch which is free for all of its customers. In essence, the hacked organization subsidized the patch for everyone.
Our cybersecurity economy price-gouges hacking victims. To solve this problem, Intrepid Net Computing offers a subscription security package where some of the incident response services come with the subscription. The product is set up so that you pay into the service every month, you get state-of-the-art preventative security measures, and you have the opportunity to submit a computer for analysis.
defendIT. AI-driven security measures derived from security incident data.