A Black Hat Business Plan…

TAO Security, Richard Bejtlich’s excellent blog on digital security, posts a ficticious but all too real budget for a black hat. The point of Richard’s post is that

… for $1 million per year an adversary could fund a Western-salaried black hat team that could penetrate and persist in roughly any target it chose to attack.

This is a bold claim and one that I support 100%. I told some of my colleagues at McAfee years ago that we may see a situation in the near future where a talented penetration tester will have to make a choice in working for company A or company B where the only difference between the two isn’t the benefits, salary, or health care but the “evilness” of the company. With so much money being made in the blackhat world, the scenario Richard portrays is entirely real.

Related posts

• “Disinformation” Now a Big Trend Among Hackers (0)
• Why Information Security is Important (0)
• Why did they even have the data in the first place? (0)
• What framework should you pick? (0)
• Well it was here a minute ago… (2)

Tagged as: attacker, blackhat, business plan, defense, IT Security, penetration, penetration test, Richard, Richard Bejtlich