Countries Warn of Cyber Risks From Bulletproof Hosting Providers
The U.S., Canada, Australia, New Zealand, the U.K. and the Netherlands issued a joint alert this month about the risks stemming from bulletproof hosting (BPH) providers, which are internet infrastructure providers that market and lease their infrastructure to cybercriminals, including those subject to sanctions.
Sign up for a free preview to unlock the rest of this article
If your job depends on informed compliance, you need International Trade Today. Delivered every business day and available any time online, only International Trade Today helps you stay current on the increasingly complex international trade regulatory environment.
Such providers resell stolen or leased infrastructure from legitimate hosting providers, data centers or cloud service providers that may unknowingly allow BPH providers to provide infrastructure to cybercriminals, the alert said, which enables them to carry out attacks on critical infrastructure. The countries urged internet service providers to take steps to reduce the chance of those cyberthreats, including by making customers aware of the risks and establishing know-your-customer procedures, including by better vetting and collecting information to make sure customers aren't BPH providers leasing infrastructure to cybercriminals.
The joint alert was published after the U.S., the U.K., Australia and others sanctioned Russia-based Media Land and ML.Cloud, along with their key officials, for operating as cybercrime service providers (see 2511190012 and 2511210006).