Cisco: Thousands of web hosting centers now launchpads for attacks

Web hosting centers around the world are being compromised by cyber-criminals that use them to launch major attacks against business and government, says Cisco in its annual security report. This threat really gained full steam last year, the company says.

Web hosting centers around the world are being compromised by cyber-criminals that use them to launch major attacks against business and government, says Cisco in its annual security report. This threat really gained full steam last year, the company says.

"They're installing malware to maintain control over resources," says Levi Gundert, Cisco technical lead for threat research, analysis and communications about the rise of criminally-manipulated web hosting centers. Attackers commandeered these hosting centers to make use of servers and bandwidth to launch any manner of attacks, such as powerful distributed denial-of-service (DDoS) against targets elsewhere.

+ Also on NetworkWorld: Anti-Bot Working Group to fight DDoS attacks from cloud infrastructure | NSA scandal spooks IT pros in UK, Canada +

By stealthily commandeering these hosting centers, "their goal is to get access to bare metal" to hide but keep control over resources they want at their disposal, Gundert points out. Cisco believes there are "many thousands" of these compromised web hosting centers around the world whose resources now lie under cyber-criminal control, he says.

This finding by Cisco tallies with similar observations recently made by members of the Cloud Security Alliance (CSA), the group seeking to establish security standards and best practices for cloud-based services environments.

At its conference in Orlando last month, the CSA announced what it calls its Anti-Bot Working Group because the crippling DDoS attacks being launched against business web sites and networks often originate within hosting facilities. The group is conducting research on this and may come up with a process for certifying cloud providers that follow CSA best practices.

Cisco's annual threat report about trends in 2013 also asserted that there is a severe shortage of security professionals worldwide trained to detect and remediate problems in network infrastructure. Cisco estimates the shortage for this year will reach 1 million security professionals -- a trend that may prompt more businesses to turn to outsourced services.

Ellen Messmer is senior editor at Network World, an IDG website, where she covers news and technology trends related to information security. Twitter: MessmerE. E-mail: emessmer@nww.com

Read more about wide area network in Network World's Wide Area Network section.

Join the Computerworld Australia group on Linkedin. The group is open to IT Directors, IT Managers, Infrastructure Managers, Network Managers, Security Managers, Communications Managers.

More about: Cisco, CSA, IDG, NSA
Comments are now closed.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: security, cloud security alliance, nsa, Wide Area Network
Whitepapers
All whitepapers

Galaxy S5 deep-dive review: Long on hype, short on delivery

READ THIS ARTICLE
DO NOT SHOW THIS BOX AGAIN [ x ]
Sign up now to get free exclusive access to reports, research and invitation only events.

Computerworld newsletter

Join the most dedicated community for IT managers, leaders and professionals in Australia