Media Coverage

How Pittsburgh helped nail hackers in Eastern Europe who’d preyed on U.S. companies with impunity. GozNym malware attacks hit Western Pennsylvania in a big way in the spring of 2016. It took a while for investigators to determine the source of the problem. It was only after the FBI ordered a forensic examination of a victim’s machine that they learned the type of malware involved. The plan to take down the botnet involved seizing, blocking, and sinkholing—redirecting traffic from infected computers to servers controlled by law enforcement—800,000 malicious domains. Additional investigation led to the Avalanche administrator in Ukraine. The investigators’ response was launched on the last day of November. In a press release, Europol listed 30 countries that were involved in the operation. It credited Germany for leading the charge—specifically the Public Prosecutor’s Office in Verden and the Luneburg Police—“in close cooperation with” Tod Eberle’s office, DOJ, the FBI, and Europol and Eurojust. The Shadowserver Foundation also played a key role behind the scenes.

With the internet of things (IoT) gaining more popularity, common IoT devices such as routers, printers, cameras, and network-attached storage (NAS) devices, are becoming more frequent targets for cybercriminals. Unlike typical operating systems such as Windows and macOS, users are less likely to patch IoT devices. This is because users find the task more difficult and inconvenient since, in comparison, the operating systems of these devices have no auto-update feature and some manufacturers rarely even issue security updates at all. These are the kinds of systems that users log on to once in order to set them up and then never to do so again, unless they encounter a big problem. It also is not rare to find an outdated router — one that has been running for as long as the system has. As a result, many systems are left wide open to known vulnerabilities, which can lead to successful attacks even years after the first infection. While looking at these types of infections by known malware families, we found that one of the biggest reported malware families was from 2018’s VPNFilter.

The Institute for Security and Technology (IST) — in partnership with a broad coalition of experts in industry, government, law enforcement, nonprofits, cybersecurity insurance, and international organizations — is today launching a new Ransomware Task Force (RTF) to tackle this increasingly prevalent and destructive type of cybercrime. The RTF’s founding members understand that ransomware is too large of a threat for any one entity to address, and have come together to provide clear recommendations for both public and private action that will significantly reduce the threat posed by this criminal enterprise.

Iniciativa conjunta de CEDIA y The Shadowserver Foundation que está desplegando una red de sensores en América Latina y el Caribe, usando como base la tecnología desarrollada por Shadowserver para automatizar las implementaciones de los sensores y la experiencia de CEDIA como centro de respuesta a incidentes de seguridad informática (CSIRT). Joint initiative of CEDIA and The Shadowserver Foundation that is deploying a network of sensors in Latin America and the Caribbean, based on the technology developed by Shadowserver to automate sensor deployments and CEDIA’s experience as a security incident response center computer science (CSIRT).

Cybercrime continues to be an evolving threat that requires a collective and quick response. Left unchecked, cybercriminals can destabilize the digital economy and create disruptions that impact our financial security, jobs, access to online services and much more. Here at Mastercard, we find that intolerable. Mastercard is committed to protecting merchants, banks, governments and citizens from cybercrime—we’re going beyond the transaction to protecting every interaction. Today, we’re proud to announce our support and sponsorship of the nonprofit Shadowserver Foundation. We are proud to act as ambassadors for their mission. Our hope is that through our partnership, more organizations and companies will take advantage of the valuable information they provide. By collectively sharing insights, we can build a safer digital ecosystem, one that supports the digital economy working for everyone, everywhere.

Avast donates $500,000 to ensure ongoing cybersecurity community partnership. The Shadowserver Foundation, a nonprofit security organization, works behind the scenes to make the internet more secure for everyone. I am very proud to announce that Avast is funding the foundation with $500,000, the largest single donation in 2020. Avast believes that partnering with others to improve cybersecurity is critical to the cybersec community. Combining forces is paramount in fighting against bad actors, cybergangs, and nation-states from spreading their malware. For more than a decade, Avast has partnered with Shadowserver by sharing threat intelligence with the foundation by allowing them to use our AV scanner. Shadowserver collects intelligence from various players in the cybersecurity industry, and runs their own scans and honeypots, all to reveal security vulnerabilities, combat malicious activities, and help victims. When Shadowserver put out their urgent call for funding, we started assembling resources.

Antivirus company Trend Micro will sponsor the Shadowserver Foundation, a non-profit foundation registered in the Netherlands and the United States that works to combat botnets and cybercrime, with a total of $ 600,000 over the next three years. The foundation collects large amounts of information about botnets, malware and other criminal networks and shares it with providers and government services, such as Computer Emergency Response Teams (CERTs). The foundation can continue to exist thanks to all kinds of sponsors

If the first few months of 2020 have taught us anything, it’s the importance of collaboration and partnership to tackle a common enemy. This is true of efforts to fight the current pandemic, and it’s also true of the fight against cybercrime. So when we heard that one of these partners, the non-profit Shadowserver Foundation, was in urgent need of financial help, we didn’t hesitate to step in. Our new $600,000 commitment over three years will help to support the vital work it does collecting and sharing global threat data for the next three years.

THE INTERNET SECURITY group Shadowserver has a vital behind-the-scenes role; it identifies online attacks and wrests control of the infrastructure behind them. In March, it learned that longtime corporate sponsor Cisco was ending its support. With just weeks to raise hundreds of thousands of dollars to move its data center out of Cisco’s facility—not to mention an additional $1.7 million to make it through the year—the organization was at real risk of extinction. Ten weeks later, Shadowserver has come a long way toward securing its financial future. On Wednesday, the IT security company Trend Micro will commit $600,000 to Shadowserver over three years, providing an important backbone to the organization’s fundraising efforts. The nonprofit Internet Society is also announcing a one-time donation of $400,000 to the organization.

Digital Realty has reached an agreement with The Shadowserver Foundation to support the foundation’s data centre infrastructure needs at Digital Realty’s facility in Oakland, California. The Shadowserver Foundation, a non-profit security organisation working to make the internet secure, launched a search for a data centre provider offering the footprint, connectivity and flexibility needed to support its growing collection, processing and analysis of critical internet security data that help businesses safeguard operations.