WHO IS RESPONSIBLE FOR DDOS ATTACKING US?
And why Fortune 500 Telecom and Technology vendors are on that list?
Information is power.
And information technology, is well…
Especially when we are so much reliant on the internet.
In the last several weeks the internet has
experienced the most significant DDoS attacks.
But who performed these attacks?
Is it a nation state?
Is it an anonymous organization?
The answer: it depends.
It is hard to say who is responsible for this
kind of attack as it is based on opensource
software running on 17K+ servers worldwide.
But can we be more responsible for the infrastructures we own?
So why can’t Fortune 500 companies do the same?
Especially when they are large cloud vendors.
This is a good question.
In recent publication dubbed memcrashed,
hackers have exploited memcashed servers to deliver amplification ddos attacks.
The largest attack in history.
A recent pastebin post pointed at 17K+ vulnerable servers.
So how it relates to Fortune 500 companies?
Because 20% of these servers are either hosted, owned or operated by a Fortune 500 company.
The companies which exposed the most memcached servers (based on the pastebin post):
3 france telecom
5 china mobile
7 america movil
11 deutsche telekom
12 time warner
13 mtn group
14 tencent holdings
15 rogers communications
19 emerson electric
23 merck & co
24 verizon communications
26 tata teleservices
33 tata communications
34 hewlett packard
36 sk telecom
38 twenty-first century fox
42 state street
44 united nations
47 bt group
Can these companies take more responsibility on their infrastructures?
Sure, and hopefully they will.
Cyber security is a great, global challenge and it seems like all hands are on deck.
We believe large corporations, especially cloud vendors,
should be taking more initiative to make things better for the rest of us.
The information in this publication was based on research performed by www.peta.ai