Monetizing vulnerabilities

The phrase “Knowledge is power” has never been so clear or so scary. Knowledge that is kept secret can be even more dangerous: dangerous for U.S. citizens and their privacy while browsing the internet, for people overseas, and for companies worldwide. This is because there are bugs within their software that can be exploited, and these bugs, or vulnerabilities, are being sold to government agencies who can then exploit them at a later date.

The vulnerabilities being sold are called “zero-day exploits.” This means the original software builder and the company using the software have no idea there is a problem and have no way to protect themselves from an attack.

Researchers make their living by finding these flaws. The kicker is that they don’t tell the company using the software about the bug so that it can be fixed. That was the practice a couple of years back, when the company could fix the problem at hand and make the software more secure. Now they keep this information secret and sell it to other companies who can exploit it later.

With the growing market for vulnerabilities, U.S. security and the security of all citizens are at greater risk. The long-term repercussions could be devastating as this information is sold and kept secret. Such vulnerabilities are used by hackers to steal data or disrupt business operations, and by foreign governments to spy on or destroy defense systems, bank systems, and identities.



About The Author


Eric Vanderburg

Eric Vanderburg is an author, thought leader, and consultant. He serves as the Vice President of Cybersecurity at TCDI and Vice Chairman of the board at TechMin. He is best known for his insight on cybersecurity, privacy, data protection, and storage. Eric is a continual learner who has earned over 40 technology and security certifications. He has a strong desire to share technology insights with the community. Eric is the author of several books and he frequently writes articles for magazines, journals, and other publications.
