UPDATED 07:50 EST / JULY 17 2014

AWS is still the web’s biggest malware host

malware-297722_640AWS has something of a malware problem, with the number of infected websites hosted on its cloud more than doubling in the last six months.

NTT’s subsidiary Solutionary revealed the findings in its latest Security Engineering Research Team (SERT) report on Tuesday. It said that among the top ten ISPs and hosting companies, the proportion of malware-hosting sites housed on AWS servers rose from 16 percent in 2013 to 41 percent by the end of Q2 this year.

But AWS isn’t the only one guilty of allowing net nasties to fester. Others saw malware increase too. For instance, malware on the European web host OVH rose from 10 to 13 percent, while Akamai saw a rise from 9 to 12 percent, and Google’s infection rate rose from 6 to 9 percent. The best performing well known web hosting company was GoDaddy, which saw malware on its servers decline from 14 percent to just 2 percent.

But AWS remains by far and away the most popular host for malware, as was the case in the SERT’ report in Q4 of last year. One obvious reason for this is AWS’ massive size and popularity, not too mention its super cheap prices that allow even the tightest of hackers to deploy server images in AWS cloud.

Speaking to The Register, Solutionary’s Chad Kahl said that cloud instances are super easy to provision on major web hosters like Amazon and GoDaddy. He pointed out that in many cases cybercriminals won’t need to do this, as “they can buy an entire command-and-control infrastructureand a phishing website to set up, and a drive-by-download website to set up.”

Another problem that web hosters have is cyber criminal’s tendencey to flit between different providers, bouncing between web hosts, ISPs and proxy hosts located in different countries to try and avoid detection.

Moreover, clearing up their infrastructure would be a very costly task for any of the above-mentioned providers, and so it would be difficult for them to justify doing so.

“The question is can these providers put the infrastructure in to scan everything?” asked Kahl. “When we’re talking about someone as big as Amazon or GoDaddy it would be a significant investment both in architecture and in time to go through and monitor everything as it’s being put up – regular scans – to detect everything and take down these groups.”

Image credit: Nemo via Pixabay.com

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU

Cookies

We employ the use of cookies. Find out more.