The Amazon public cloud is the largest in the world and so the recent reports that Amazon hosts more malware than any other cloud provider is not a surprise given all the recent publicity about the rise of malware. The Washington Post reported that the IT security firm Solutionary issued its Security Engineering Research Team (SERT) Quarterly Threat Intelligence Report that the “U.S. accounts for 44% of hosted malware” and:
Attackers are leveraging services like Amazon and GoDaddy by either buying services directly or by compromising legitimate domains.
The SERT Report also included these findings:
- The United States hosts 4.6 times more malware than the next leading country, providing continuing evidence that geographic blocking strategies are not an effective defensive mechanism for U.S. organizations to use against malware.
- Malware samples gathered in Q4 were undetectable from over 40 anti-virus engines tested.
- 58% of malicious files obtained were identified as HTML files, 26% were directly executable.
- Many malware developers and distributors are utilizing social engineering tactics, including the use of trusted keywords and services, to evade detection and increase potential infection counts.
- Cloud hosters and service providers need to do more to prevent malicious use of their services.
- A single malicious domain was spread across 20 countries, 67 providers and 199 unique IPs to evade detection.
Given this malware news it should come as no surprise that in LinkedIn’s recent lawsuit it alleges that the Amazon cloud is used by mystery hackers for spam and scraping LinkedIn content.