Ride the Lightning
Cybersecurity and Future of Law Practice Blog
by Sharon D. Nelson Esq., President of Sensei Enterprises, Inc.
How Much Does it Cost to Buy a Zero-Day Exploit?
April 18, 2012
I guess I knew that zero day exploits were for sale, but now I'm thinking about taking up a new career. There is SERIOUS money made by "The Zero-Day Salesmen" as reported by Forbes in its April 9th print issue. Apparently, hackers sell their best tricks to government spies at six-figure prices.
French security firm Vupen has a team of hackers and sells to – well – anyone.Their CIO says "Vupen doesn't want to know how their exploits are used . . . As long as the check clears." OK, they get points for transparency, but it seems like a rather amoral and shameless way to make a living.
The print version of the article actually contained a chart of the prices that zero-day exploits command ranging from a low of $5,000 for something that can hack the most current version of Adobe Reader to up to $250,000 for an exploit that can hack Apple's iOS.
Why would a government buy these exploits? To spy on dissidents. To spy on other governments. Think with a Machiavellian mind and you can see why governments, both savory and unsavory (though that line is blurry), might purchase them. I have no doubt our tax dollars have purchased them.
These are bullets for a cyberwar that's sure to come – and governments are loading their arsenals. I am convinced that many shots have been silently fired already.
Listen to the Podcast
