Honestly we are very tired of telling companies that they are infected, hosting malware or owned. What we are about to start doing is just posting the list of companies with the data attached so you can see for yourself what is being leaked. Why are we doing this? Because companies don't listen. We are looking at it this way. By automating the process we take out the human element. We will let our computers do the work for us and allow us to get back to what it is we want to do, which is auditing and securing companies that actually take their security posture seriously.
We have provided list of companies in the past and the media response is ridiculous and somewhat annoying. Everybody wants to jump on the big story but nobody wants to do the work of correlating the data to find the companies in data that is publicly available. Add in some proprietary analytics and soon enough our software will paint a bleak picture of what is really going on. I'll be interested in seeing if companies actually do anything to fix the issues or if they will just keep ignoring it like what has been happening.
Is it wrong to use analytics to correlate the data to point at the individual entities involved? This data is already out there in the public so I don't see an issue with it. And whois data is public data so if your responsible for the IP blocks in question you should be doing something to prevent the issue. Sending out notifications is time consuming at best. We are just gonna start blasting you with data and let you all make your own determinations... We will just point to the original sources so you don't think we are storing the data on our systems, lord knows we don't wanna create another incident. Even though we could just take the route of the world and just ignore it!
Buckle up folks, shits about to get interesting...
No comments:
Post a Comment