When it's time to update firmware on, say, a router or a switch, the vast majority of folks head to the vendor site and grab whatever version they need, easy-peasy. But a large and growing number of admins don't have that luxury because the vendor requires paid support contracts to access those files -- and, in many cases, will only allow access to firmware for hardware covered under those contracts.
Even if you have a hefty support bill for a dozen devices on your network from the same vendor, you may not be able to download a much-needed update for an older unit because it isn't covered. Few things are more frustrating than finding a link to a firmware update that will fix all your problems, only to be prevented from downloading it because of such restrictions.
It's enough to make even the mildest-mannered admins seethe -- to the point where they take a walk on the wild side and download black market firmware.
When the chips (and possibly the network) are down, admins may be left with little recourse. Even if they decide to add a device to the support contract to access much-needed firmware, that would take days -- not an option during a midnight firefight. So with a deep sense of unease, they turn to BitTorrent and file hosting sites to download these images, without really knowing if they're legitimate. It's a calculated risk at this point: If the network is down or hobbled, but can be brought back together via a downloaded image of questionable lineage, it might be worth it, at least in the interim. After all, what's the worst that could happen? A fraudulent image that brings down the network?
With a tiny bit of Google-fu, you can easily locate firmware images for just about everything. There are torrents available that contain dozens of firmware releases for Cisco ASA firewalls, routers, and switches. Pull that down, load up the right image, and off you go -- but you're now running firewalls, routers, or switches on code from an unknown origin. If you can't access the checksums from the original image, you're gambling that these images have been provided by good Samaritans who've been in this situation before, rather than a gang of Chinese hackers who have surreptitiously slipped in their own backdoor code. Again, when everyone's running around with their hair on fire, it's a risk that many would take.