Amazon triples malware hosting in six months

Yesterday, the release of a Security Engineering Research Team (SERT) Quarterly Threat Intelligence Report for Q2, 2014 by Solutionary, identified the top 10 global Internet Service Providers (ISPs) and hosting providers that hosted malware. Amazon retained the number one position as malware-hosting global ISP of the 21,000 plus ISPs that were assessed.

Perhaps more disturbingly, the report revealed that the amount of hosted malware on Amazon had gone from 2013's 16 percent for the entire year to an astounding 41 percent by July 2014 — nearly tripling in half the time.

“It is likely that attackers are leveraging larger providers due to cost and ease of use, where a site can be up and running in minutes with minimal cost,” the report surmised. It hypothesised that attackers might be targeting Amazon due to the Elastic Cloud Compute (EC2), a web service that bases capacity on actual consumption, scaling it with flexibility at a low rate.

"The findings should provide the information security community with a good understanding of the threat landscape so they better understand the adversaries' behaviour," commented SERT director of research at Solutionary, Rob Kraus. "The tricky part of information security,” he continued, “is that the second you make it more difficult for a malicious actor, they have already moved on the next weak link."