1Q2014 Accomplishments and Juniper Networks Sponsored RAND Corporation Report on Cyber Black Markets
Apr 9, 2014
These past few months have been an exciting start to our 2014 journey. As we approach the close of the first quarter and prepare to open the door to the second quarter filled with future opportunities, I’d like to reflect on the positive movement we have made so far. Juniper demonstrated leadership by unveiling innovative solutions, most notably Firefly Suite, Junos® Fusion, NorthStar Controller, and Juniper Argon Secure. We teamed with Verisign to provide a hybrid solution for DDoS protection that effectively combats the growing diversity of DDoS attacks. We also announced customer deployments of Juniper Networks products and solutions including:
Cloud Dynamics, leader in software-defined cloud data centersdeployed Juniper Networks Contrail as the virtual network solution powering Cloud Dynamics CloudDC™, a complete, end-to-end converged cloud infrastructure solution.
EVA AIRWAYS CORPORATION, Taiwan's second largest airline,deployed Juniper’s MetaFabric Architecture for Its Data Center Network to better support virtualized operations.
GTT Communications ("GTT"), leading provider of cloud networking solutions, expanded its offerings by introducing 100GE capacity on a global scale powered by Juniper Networks® MX Series routers and the latest generation of high-density MPC4E line cards.
Telecom Italia Mobile Brasil (TIM), one of the leading telecom providers in Brazil, deployed Juniper's market-leading SRX5600 and 5800 Series Services Gateway for improved performance, scalability and integrated security services across its new LTE network.
Catholic Health System, a non-profit healthcare system that provides medical services to Western New Yorkers across numerous care centers and hospitals,deployed Juniper Networks chassis-based switches within the core and top-of-rack switches within two data centers, a comprehensive portfolio of Juniper Networks security solutions, including advanced network firewall technologies, as well as remote access and intrusion detection and prevention appliances, and Junos Space Network Director.
The momentum does not end here. Following on Nawaf Bitar’s keynote at RSA Conference in February, Juniper sponsored research by the RAND Corporation on Cyber Black Marketstitled“Markets for Cybercrime Tools and Stolen Data: Hackers’ Bazaar.” For the first time this report applies economic analysis to better understand how these black markets function. With cybercrime continuing to be a significant concern, RAND Corporation revealed that cyber black markets are maturing and growing to a multi-billion-dollar economy with a robust infrastructure and social organization. RAND found five key indicators of economic maturity, including sophistication, specialization, accessibility, reliability and resilience. Juniper Networks likens the hacker black markets to a thriving metropolitan city with diverse communities, industries and interactions.
Some of the key highlights include:
Storefronts - Like other forms of e-commerce, many data records, exploit kits and goods are bought and sold from storefronts -- which can encompass everything from instant messaging chat channels and forums to sophisticated stores. RAND found some organizations can reach 70 to 80,000 people, with a global footprint that brings in hundreds of millions of dollars.
Service Economy - RAND found that not only goods, but criminal services are available for purchase. These tools, sold on the black market as traditional software or leased like a managed service, can help enable the most unskilled hackers to launch fairly elaborate and advanced attacks. For example, RAND found botnets, which can be used to launch a Distributed Denial of Service (DDoS) attack, are sold for as low as $50 for a 24-hour attack.
Hierarchal Society - Much like a legitimate business, RAND found it takes connections and relationships to move up the (cyber) food chain. Getting to the top requires personal connections and those at the top are making the lion's share of the money.
Rule of Law - There is indeed honor among thieves. RAND found many parts of the cyber black market are well structured, policed and have rules like a constitution. In addition, those who scam others are regularly banned or otherwise pushed off the market.
These are just a few of the key highlights, I invite you to read the full report by the RAND Corporation and check out Juniper Networks blogs and interactive tools for additional perspectives on RAND’s report.