Welcome!

Microservices Expo Authors: Zakia Bouachraoui, Elizabeth White, Pat Romanski, Liz McMillan, Yeshim Deniz

News Feed Item

Solutionary SERT 2014 Q2 Threat Intelligence Report Shows Amazon-Hosted Malware Nearly Triples in First Half of 2014, GoDaddy Improves From the Fourth Quarter

Out of 21,000 Analyzed, 10 Internet Service Providers Host 52 Percent of Malware

OMAHA, NE -- (Marketwired) -- 07/15/14 -- Solutionary, an NTT Group security company (NYSE: NTT), and next generation managed security services provider (MSSP), today announced the results of its Security Engineering Research Team (SERT) Quarterly Threat Intelligence Report for Q2, 2014. Solutionary SERT analyzed the threat landscape using data captured by the patented, cloud-based Solutionary ActiveGuard® platform and global threat-intelligence network. As part of its research, the Solutionary SERT identified the top 10 global Internet Service Providers (ISPs) and hosting providers that hosted malware out of more than 21,000 ISPs. Amazon remained the top malware-hosting ISP and saw an increase of approximately 250 percent, while Q4 13's second-most afflicted ISP, GoDaddy, fell 12 percent. In addition to malware analysis, the Q2 threat report provides in-depth analysis and insights by Solutionary threat researchers on the OpenSSL Heartbleed vulnerability discovered in April, 2014. Readers will also find several sections in the report which provide timely, actionable information that can be used to help secure organizations.

Tweet This: @Solutionary Q2 Threat Report: #Amazon-hosted malware nearly triples in first 2 quarters of 2014 http://goo.gl/il19jL #infosec

"The findings on hosted malware in the Q2 threat report reinforce our research from 2013 and provide additional insights into the mindset and cunning of today's attackers. The findings should provide the information security community with a good understanding of the threat landscape so they better understand the adversaries' behavior," said Rob Kraus SERT director of research, Solutionary. "From an organizational perspective, attention to detail, especially the security basics, is often enough to deter a malicious individual or group of individuals. The tricky part of information security, and the reason we must always be mindful of the trends in the industry, is that the second you make it more difficult for a malicious actor, they have already moved on the next weak link."

Key Findings:

  • Amazon retained the number one spot for malware hosts among top ISPs
    • The amount nearly tripled, from 16 percent at the end of 2013, to 41 percent halfway through 2014. It is likely that attackers are leveraging larger providers due to cost and ease of use, where a site can be up and running in minutes with minimal cost. They may also use Amazon's hosting services because of the Elastic Cloud Compute (EC2) Web service, which allows the flexibility to scale capacity as needed at a low rate, based on the actual capacity that is consumed.
  • GoDaddy, a hotbed for malware hosting in the past, saw a sharp decrease
    • Down from 14 percent in 2013, GoDaddy only accounted for 2 percent of malware hosted by the qualifying ISPs. While this may indicate improved efforts to identify and shutdown domains that are actively hosting malware, it is possible that malicious actors have simply moved on to other, smaller service providers such as new entrants Akrino and Website Welcome.
  • U.S. still number one malware-hosting nation
    • The United States extended its overwhelming lead from 44 percent of hosted malware tracked in Q4 2013 to 56 percent in Q2, 2014. France, Germany and China represent the next largest samples respectively.
  • Movers and Shakers: France, The Virgin Islands and Ireland all see increase in hosted malware; Germany, The Netherlands, Russia, The U.K. and Canada decrease
    • The decrease of malware in Russia is likely attributed to a string of arrests related to malware development, including a large portion of the ring responsible for the BlackHole exploit kit.
  • Top 10 ISPs represent source of more than half malware identified
    • Data shows that from more than 21,000 ISPs associated with captured malware samples, the top 10 were the source of 52 percent of the malware identified in the new period.

To access a copy of the complete report, please visit: http://www.solutionary.com/research/threat-reports/quarterly-threat-reports/sert-threat-intelligence-q2-2014

About Solutionary
Solutionary, an NTT Group security company (NYSE: NTT), is the next generation managed security services provider (MSSP), focused on delivering managed security services, security consulting services and global threat intelligence. Comprehensive Solutionary security monitoring and security device management services protect traditional and virtual IT infrastructures, cloud environments and mobile data. Solutionary clients are able to optimize current security programs, make informed security decisions, achieve regulatory compliance and reduce costs. The patented, cloud-based ActiveGuard® service platform uses multiple detection technologies and advanced analytics to protect against advanced threats. The Solutionary Security Engineering Research Team (SERT) researches the global threat landscape, providing actionable threat intelligence, enhanced threat detection and mitigating controls. Experienced, certified Solutionary security experts act as an extension of clients' internal teams, providing industry-leading client service to global enterprise and mid-market clients in a wide range of industries, including financial services, healthcare, retail and government. Services are delivered 24/7 through multiple state-of-the-art Security Operations Centers (SOCs).

Travis Anderson
925-271-8227
Email Contact

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

Microservices Articles
When building large, cloud-based applications that operate at a high scale, it’s important to maintain a high availability and resilience to failures. In order to do that, you must be tolerant of failures, even in light of failures in other areas of your application. “Fly two mistakes high” is an old adage in the radio control airplane hobby. It means, fly high enough so that if you make a mistake, you can continue flying with room to still make mistakes. In his session at 18th Cloud Expo, Lee A...
In his general session at 19th Cloud Expo, Manish Dixit, VP of Product and Engineering at Dice, discussed how Dice leverages data insights and tools to help both tech professionals and recruiters better understand how skills relate to each other and which skills are in high demand using interactive visualizations and salary indicator tools to maximize earning potential. Manish Dixit is VP of Product and Engineering at Dice. As the leader of the Product, Engineering and Data Sciences team at D...
Lori MacVittie is a subject matter expert on emerging technology responsible for outbound evangelism across F5's entire product suite. MacVittie has extensive development and technical architecture experience in both high-tech and enterprise organizations, in addition to network and systems administration expertise. Prior to joining F5, MacVittie was an award-winning technology editor at Network Computing Magazine where she evaluated and tested application-focused technologies including app secu...
Containers and Kubernetes allow for code portability across on-premise VMs, bare metal, or multiple cloud provider environments. Yet, despite this portability promise, developers may include configuration and application definitions that constrain or even eliminate application portability. In this session we'll describe best practices for "configuration as code" in a Kubernetes environment. We will demonstrate how a properly constructed containerized app can be deployed to both Amazon and Azure ...
Modern software design has fundamentally changed how we manage applications, causing many to turn to containers as the new virtual machine for resource management. As container adoption grows beyond stateless applications to stateful workloads, the need for persistent storage is foundational - something customers routinely cite as a top pain point. In his session at @DevOpsSummit at 21st Cloud Expo, Bill Borsari, Head of Systems Engineering at Datera, explored how organizations can reap the bene...
Using new techniques of information modeling, indexing, and processing, new cloud-based systems can support cloud-based workloads previously not possible for high-throughput insurance, banking, and case-based applications. In his session at 18th Cloud Expo, John Newton, CTO, Founder and Chairman of Alfresco, described how to scale cloud-based content management repositories to store, manage, and retrieve billions of documents and related information with fast and linear scalability. He addresse...
The now mainstream platform changes stemming from the first Internet boom brought many changes but didn’t really change the basic relationship between servers and the applications running on them. In fact, that was sort of the point. In his session at 18th Cloud Expo, Gordon Haff, senior cloud strategy marketing and evangelism manager at Red Hat, will discuss how today’s workloads require a new model and a new platform for development and execution. The platform must handle a wide range of rec...
SYS-CON Events announced today that DatacenterDynamics has been named “Media Sponsor” of SYS-CON's 18th International Cloud Expo, which will take place on June 7–9, 2016, at the Javits Center in New York City, NY. DatacenterDynamics is a brand of DCD Group, a global B2B media and publishing company that develops products to help senior professionals in the world's most ICT dependent organizations make risk-based infrastructure and capacity decisions.
Discussions of cloud computing have evolved in recent years from a focus on specific types of cloud, to a world of hybrid cloud, and to a world dominated by the APIs that make today's multi-cloud environments and hybrid clouds possible. In this Power Panel at 17th Cloud Expo, moderated by Conference Chair Roger Strukhoff, panelists addressed the importance of customers being able to use the specific technologies they need, through environments and ecosystems that expose their APIs to make true ...
In his keynote at 19th Cloud Expo, Sheng Liang, co-founder and CEO of Rancher Labs, discussed the technological advances and new business opportunities created by the rapid adoption of containers. With the success of Amazon Web Services (AWS) and various open source technologies used to build private clouds, cloud computing has become an essential component of IT strategy. However, users continue to face challenges in implementing clouds, as older technologies evolve and newer ones like Docker c...