Shadowserver is the most important online organisation you have never heard of.
For the past 15 years, it has been instrumental in much of the work that has kept the internet secure and functioning.
But all this could be about to change with Shadowserver now needing to raise urgent capital to keep going.
What is Shadowserver?
Shadowserver is one of the most important online security companies around. Every day they scan more than 4 billion IP addresses. That is the vast majority of the public internet.
Using the information generated, they produce activity reports for more than more than 4,600 network operators. They also feed information into national computer security incident response teams in more than 107 countries around the world.
In addition, Shadowserver also holds a database of more than 1.2 million malware samples and holds than 11.6 petabytes of threat intelligence and malware-related data.
All of this is made freely accessible for organisations across the globe to protect themselves and develop online security tools.
Shadowserver is not just a monitoring service. It also works to contain online security incidents. It operates a huge honeypot programme that lures in hackers and then records information about them.
It also runs what is known as “sinkholing” infrastructure that is able to divert malicious traffic away from its intended targets.
This tool sinkholes up to 5 million IP addresses per day which prevents a massive amount of malicious traffic from threatening other internet users.
Lastly, it also runs a “registrar of last resort.”
This allows it to take control of malicious domain names and therefore disrupt criminal infrastructure. It is able to prevent malware from phoning home to receive a hacker's commands and so render it inactive.
Shadowserver operates all of these tools independently but also in conjunction with law enforcement agencies around the world. They have been at the heart of some of the highest-profile hacker take-down operations in recent years.
Why Shadowserver needs capital
While Shadowserver has operated as an independent organization it has, for the past 15 years, been funded exclusively by Cisco.
But Cisco is now restructuring its budgets and that funding tap has been switched off. That means Shadowserver needs to raise capital to plug the gap.
The founder of Shadowserver, Richard Perlotto, has chosen to take this opportunity to change the way that the organisation is funded moving forward.
It wants to make Shadowserver a fully community-funded alliance that doesn't rely on any one contributor to survive.
It is probably a wise move, but it does mean that in the short-term, Shadowserver is faced with a tricky transition period. In the next few weeks, it needs to raise an estimated $400,000 to keep operating. It will then need to raise a further $1.7 million by the end of the year.
That is a big ask for any organisation at the best of times. But with the entire globe preoccupied with coronavirus at the moment, it looks an even bigger challenge.
Shadowserver has set up a page to allow anyone to make a donation.
Smaller individual donations can be made via Paypal while larger corporate donations are handled separately. You can read more about their fundraising efforts and donate yourself at https://www.shadowserver.org/sponsor/
Why you should support Shadowserver
While the amounts that Shadowserver need to raise are sizable for the likes of you and me, it is actually a drop in the ocean compared to the amounts companies spend on cyber-security around the world.
Given the critical functions that Shadowserver deliver, it is also an extremely modest sum. To replace the work that they do would cost many times more than what they are currently seeking to raise.
In particular, the relationships with law enforcement and Shadowserver’s critical infrastructure would take many years to rebuild.
Another unique feature to Shadowserver is that it is totally independent and not part of a bigger for-profit organisation. They are certainly not the only company doing this type of work, but they are the only one not focused on research on behalf of big tech companies of one kind or another.
As Roland Dobbins, principal engineer of Netscout Arbor, said to Wired magazine, “[Shadowserver] is something that’s absolutely vital to internet security for everyone, and those in the operational security community and law enforcement communities who took advantage of it basically thought it was free forever.”
They are now finding out that it isn’t completely free, but it is available at a great price if you pay up now.
Hopefully Shadowserver will be successful in its fundraising efforts. But if it isn’t, much of its hard work could be undone. That’s why we are writing about it today and we would urge you to contribute what you can and share this story with your friends and colleagues too.
Like coronavirus, we need everyone to do their bit to keep the internet safe and ensuring Shadowserver can continue to operate is a critical part of this.