To to get straight to the point, without reading the detailed story and full background (hyperlinks):
Global cybercrime protection at risk – essential non-profit organization loses funding for continuing protection of victims.
The Shadowserver Foundation is the leading non-profit provider of public benefit cyber security data and services to the world, with a track record proven over the past 15 years. Most national CERT/CSIRTs and many network owners depend on our free daily network reports for victim remediation. International Law Enforcement partners regularly rely on Shadowserver’s expert, behind-the-scenes support to disrupt cyber criminals, successfully stopping hundreds of millions of dollars of damages globally.
Key corporate sponsor Cisco Systems had been generously providing Shadowserver’s US based data center facilities and donating technical operations support staff for many years. However, we have recently been notified that Cisco is unable to continue being our primary financial supporter. Consequently, Shadowserver unexpectedly lost 7 donated-in US technical staff at short notice, and now has to move its entire US data center (104 racks, 1340 servers, ~12 petabytes of storage) somewhere else before May 26th 2020 to keep operating. This is obviously an extremely aggressive timeline.
Shadowserver does not have the cash reserves on hand to cover this unexpected situation itself, so urgently needs financial support from the community to avoid our US-based data center and all associated US-based public benefit services ceasing on May 26th 2020.
Without immediate assistance from our friends and supporters in the global community, who we have served to the best of our ability for the past 15 years, The Shadowserver Foundation will no longer be able to continue to operate most of our core public benefit services, including free daily network reports for all constituents.
This will remove our ability to notify National CERTs/CSIRTs and network owners of infected victims inside their networks, and prevent timely remediation of abusable, misconfigured or compromised devices globally. Shadowserver is the only free daily service to the entire Internet on this scale, is unique to our long standing community, and provides a proven rapid global response capability.
These services are particularly essential at a time of global uncertainty, where the real world COVID-19 virus outbreak means that millions of people will be highly dependent on the Internet for accurate healthcare information and remote working, or when the next Internet-wide virtual threat outbreak such as Mirai or Wannacry occurs (with the similar remotely wormable CVE-2020-0796 “EternalDarkness” vulnerability having just leaked last week). Millions of malware-infected victims all over the world, who are currently being sinkholed and protected from cybercriminal control by Shadowserver, may lose that critical protection – just at the time when governments and businesses are being forced to unexpectedly stretch their corporate security perimeters and allow staff to work from home on their own, potentially unmanaged devices, and the risk of another major Windows worm has increased.
Current expected costs to avoid a complete May 26th US data center shutdown are:
Note: EU project delivery and support services to active international Law Enforcement operations will not be immediately impacted, since these are currently funded independently, through our EU legal entity. But they will likely also be impacted in the longer term by the loss of our US data center.
We call on all impacted constituents, partners and members of the community to urgently rally to support Shadowserver’s continuing public benefit operation. Some trusted industry partners are already mobilizing to assist us and we will be reaching out to many more soon. If you can help, or know someone who can, please reach out on social media or get in touch by email urgently.
So in a challenging moment for Shadowserver, what can you do to help?
- Ask Shadowserver for a full Briefing on the Services, Benefits, and how Shadowserver Safeguards the Internet
- Join our mailing list to receive updates
The Shadowserver Foundation Team
Read Next: First Status Update