economics of abuse operations application to hosting
play

Economics of Abuse Operations: Application to Hosting Matthew C. - PowerPoint PPT Presentation

Feb 22, 2024 •240 likes •444 views

Economics of Abuse Operations: Application to Hosting Matthew C. Stith September 28, 2016 San Jose, Costa Rica LACNIC 26 | San Jose | September 2016 About the presenter 8 Years at Rackspace Rackspaces Acceptable Use Team and

  1. Economics of Abuse Operations: Application to Hosting Matthew C. Stith September 28, 2016 San Jose, Costa Rica LACNIC 26 | San Jose | September 2016

  2. About the presenter • 8 Years at Rackspace • Rackspace’s Acceptable Use Team and Postmaster • Co-Chair of M3AAWG’s Hosting Committee • Member of M3AAWG’s Board of Directors

  3. History of Rackspace Anti-Abuse Teams • The beginning • Lessons learned • Change in the landscape and team • The Future

  4. In the beginning there was spam • Rackspace was founded in 1998 but did not have an Acceptable Use Policy or AUP team until 2000 – Reports that Rackspace was a haven for child exploitation and spammers was published – Law enforcement contacted Rackspace about the existence of child exploitation – Acceptable Use Policy was written and a team formed

  5. More Spam and Buyin from Above • The “Spammer Special” • Skylist (2002) – Rackspace’s first 1 million dollar customer – Was a notorious spammer – Became listed on Spamhaus’ ROSKO list 2003 – An entire new datacenter was all blacklisted • Rackspace leadership made the decision to terminate Skylist • Along with the passage of the CAN-SPAM

  6. A lesson in enforcement • Rackspace received its first Law Enforcement request in 2004 for Indymedia • On the advice of counsel we contacted the FBI and did everything that they said.

  7. It did not go well

  8. It did not go well

  9. The Rise of “THE CLOUD” • Fast forward to 2008 – Kicking spammers off the network – Preventing exploitation on network – Proper processes for customers and the business – Then suddenly … .. The cloud • Within months spam complaints became hacking complaints • Fraud … . So much fraud Poor controls, no limits Customers getting IPs that were already tainted

  10. The future • Data Driven Approaches • Automate • Integration with product organizations

  11. Putting an abuse desk into perspective • Protecting the system – Being on the internet makes your company a target for abuse – No one customer is bigger than the whole system – Pay attention to outliers • Protecting the customer – Users are your weakest point of defense – Customers depend on the service to be up – Deter malicious parties from considering your service – Know about issues with customers before they do

  12. Compromises • Customer services and accounts – Support – Remediation – Downtime of customer/system environments • Customers attacking other customers – Gives the appearance of lack of security – Having to play both sides of the fence (complainer and complainant) • Knowledge of when and how to suspend/terminate

  13. Attacks • Phishing campaigns on customers and employees – Theft of information • Personal • Financial • Company Specific • DDOS – Misconfigurations – Retaliation • Hacking – Brute force – Defaced sites / Malware payloads

  14. Fraud • Impacts profitability – Chargebacks – Revenue loss from usage • Network issues – IP and domain blacklisting – Over utilization of resources • Support overhead – Accounts receivable – Support being abused

  15. Fraud Trends Cloud

  16. Fraud Trends Cloud

  17. Fraud Trends Email

  18. Fraud Trends Email

  19. Industry Expertise and Partnerships • The landscape can change rapidly • Training of staff and customers • Gaining and sharing knowledge – Certifications – Trusted reporters and contacts – Industry specific groups • Faster remediation of issues impacting your network from outside sources

  20. A word on headcount • “I’ll just ask for a team of 20 people to fight all of this!” • Start small aim for what impacts your system the most • Gather data – Customer downtime due to abuse – Loss of revenue – Blacklistings – Compromises/Fraud – Overall complaints and type • Grow organically – Know what kind of worker you are looking for – Sometimes head count isn’t the answer

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Overview of the Application pp Hosting Environment Stefan Zasada University College London y

Overview of the Application pp Hosting Environment Stefan Zasada University College London y

Overview of the Application pp Hosting Environment Stefan Zasada University College London y g 1 The Application Hosting Environment Environment Based on the idea of applications as web services Lightweight hosting environment

492 views • 24 slides
Measuring the Impact of Sharing Abuse Data with Web Hosting Providers Marie Vasek , Matthew

Measuring the Impact of Sharing Abuse Data with Web Hosting Providers Marie Vasek , Matthew

Measuring the Impact of Sharing Abuse Data with Web Hosting Providers Marie Vasek , Matthew Weeden, and Tyler Moore University of Tulsa WISCS 24 October 2016 1 of 27 StopBadware Founded in 2006 by Harvards Berkman Klein Center for

397 views • 27 slides
DOMAINS AND HOSTING Web Application Development AGENDA A bit about domain names A bit

DOMAINS AND HOSTING Web Application Development AGENDA A bit about domain names A bit

DOMAINS AND HOSTING Web Application Development AGENDA A bit about domain names A bit about web hosting A bit about DNS info used in web hosting DOMAIN NAMES Web Application Development Duh WHAT IS A DOMAIN NAME? The

696 views • 42 slides
Creating an Environment for Successful Visits The Application of Protocol Principles to Hosting

Creating an Environment for Successful Visits The Application of Protocol Principles to Hosting

Creating an Environment for Successful Visits The Application of Protocol Principles to Hosting Foreign Delegations Protocol = A framework Enhances visit by: Ensuring proper order to proceedings Creating an atmosphere of

805 views • 53 slides
1. What is Operations Research (OR) 2 What is Operations Research? It is an application of

1. What is Operations Research (OR) 2 What is Operations Research? It is an application of

Unit 4 Systems Engineering Tools Deterministic Operations Research, Linear Programming Source: Introduction to Operations Research, 9th edition, Frederick S. Hillier, McGraw-Hill 1 1. What is Operations Research (OR) 2 What is Operations

905 views • 61 slides
Purpose QCI-DL SHAH National Award on Economics of Quality 2010 Large Scale Units B2

Purpose QCI-DL SHAH National Award on Economics of Quality 2010 Large Scale Units B2

Basics 2 Operational Excellence through Intuition application of pattern recognition, artificial intelligence, positioning and branding theories to back office operations Purpose QCI-DL SHAH National Award on Economics of Quality 2010

361 views • 12 slides
D Dynamics of i f O li Online Scam S Hosting Infr Hosting Infr rastructure rastructure

D Dynamics of i f O li Online Scam S Hosting Infr Hosting Infr rastructure rastructure

D Dynamics of i f O li Online Scam S Hosting Infr Hosting Infr rastructure rastructure Maria Konte, N Nick Feamster Georgi a Tech Jaeyeo on Jung Intel Re esearch Online Scams Online Scams Often advertised in spam p m

450 views • 17 slides
How do I recognize child abuse? Physical Abuse 1. Physical Neglect 2. 3. Sexual Abuse 4.

How do I recognize child abuse? Physical Abuse 1. Physical Neglect 2. 3. Sexual Abuse 4.

Child Abuse, Bullying and Strategies You Can Use to Protect Yourself How do I recognize child abuse? Physical Abuse 1. Physical Neglect 2. 3. Sexual Abuse 4. Emotional Maltreatment 1 Physical Abuse Physical indicators Behavioral indicators

737 views • 7 slides
versions for Hosting Companies Xander Lammertink System & Network Engineering: RP1 Research

versions for Hosting Companies Xander Lammertink System & Network Engineering: RP1 Research

Fin ine-grained control of LAMP component versions for Hosting Companies Xander Lammertink System & Network Engineering: RP1 Research question How to migrate customers from LAMP hosting providers to a new type of LAMP hosting where

1.34k views • 17 slides
SLTNet Shared Web Hosting Services Confidential Public Shared Web Hosting Service Service

SLTNet Shared Web Hosting Services Confidential Public Shared Web Hosting Service Service

SLTNet Shared Web Hosting Services Confidential Public Shared Web Hosting Service Service Features Provide more capacity initially (300MB -1000MB) Language Support- ASP , PHP , ASP.NET v1.0/2.0/3.0/3.5/4.0 Database Support -

555 views • 10 slides
Commercial bot and chat hosting Deep Learning as a service Bots are the new apps Write

Commercial bot and chat hosting Deep Learning as a service Bots are the new apps Write

Commercial bot and chat hosting Deep Learning as a service Bots are the new apps Write once, deploy everywhere The Chat Interface Chat and chatbots are the new application paradigm replacing mobile and web Chat lets you engage your

416 views • 25 slides
Hi Histor ory of of Elder Elder Abuse Abuse Legisla Legislation ion Fe Federal Federal

Hi Histor ory of of Elder Elder Abuse Abuse Legisla Legislation ion Fe Federal Federal

12/12/2019 Na Nati tional onal Gui Guidel elines ines fo for Fi Financial nancial Ins Instit itutio ions ns: Wo Working to togeth gether er to to Pro Protect Ol Older der Pe Persons fr from Fi Financial nancial Abuse Abuse Joe

409 views • 8 slides
Economic abuse What Research Tells Us Dr Nicola Sharp-Jeffs Overview What is economic

Economic abuse What Research Tells Us Dr Nicola Sharp-Jeffs Overview What is economic

Economic abuse What Research Tells Us Dr Nicola Sharp-Jeffs Overview What is economic abuse? How is it different to financial abuse ? Economic abuse and coercive control Economic abuse post-separation Prevalence data for UK and

326 views • 31 slides
Fast Flux Hosting and DNS ICANN SSAC What is Fast Flux Hosting? An evasion technique

Fast Flux Hosting and DNS ICANN SSAC What is Fast Flux Hosting? An evasion technique

Fast Flux Hosting and DNS ICANN SSAC What is Fast Flux Hosting? An evasion technique Goal Avoid detection and take down of web sites used for illegal purposes Technique Host illegal content at many sites Rapidly

617 views • 19 slides
GAAR, Abuse of law and Tax Treaties: the Italian perspective Universitt Hamburg, Master of

GAAR, Abuse of law and Tax Treaties: the Italian perspective Universitt Hamburg, Master of

GAAR, Abuse of law and Tax Treaties: the Italian perspective Universitt Hamburg, Master of International Taxation 13 14 th March 2014 Francesco Montanari University of Bozen School of Economics and Management 1 Framework: preliminary

560 views • 26 slides
aviation market: What constitutes an abuse of a dominant position by an infrastructure operator

aviation market: What constitutes an abuse of a dominant position by an infrastructure operator

Applying competition rules in the liberalized aviation market: What constitutes an abuse of a dominant position by an infrastructure operator and how to avoid it Jasminka Pecoti Kaufman University of Zagreb, Faculty of Economics and Business

567 views • 18 slides
Auto-learning of SMTP TCP Transport-Layer Features for Spam and Abusive Message Detection

Auto-learning of SMTP TCP Transport-Layer Features for Spam and Abusive Message Detection

Auto-learning of SMTP TCP Transport-Layer Features for Spam and Abusive Message Detection Georgios Kakavelakis, Robert Beverly, Joel Young Center for Measurement and Analysis of Network Data Naval Postgraduate School, Dept. Computer Science

597 views • 40 slides
Detecting Product Review Spammers using Rating Behaviors Itay Dressler What is Spam? Why

Detecting Product Review Spammers using Rating Behaviors Itay Dressler What is Spam? Why

Detecting Product Review Spammers using Rating Behaviors Itay Dressler What is Spam? Why should you care? How to detect Spam? 2 What is Spam? What is Spam? All forms of malicious manipulation of user generated data so as to

943 views • 56 slides
for Microsoft Office 365 Agenda Product introduction Features and benefits How it works

for Microsoft Office 365 Agenda Product introduction Features and benefits How it works

Kaspersky Security for Microsoft Office 365 Agenda Product introduction Features and benefits How it works Licensing 2 Kaspersky Lab | Kaspersky Security for Microsoft Office 365 What is Kaspersky Security for Microsoft Office 365

592 views • 22 slides
Webs of Trust in Distributed Environments Bringing Trust to Email Communication BSc.

Webs of Trust in Distributed Environments Bringing Trust to Email Communication BSc.

Webs of Trust in Distributed Environments Bringing Trust to Email Communication BSc. Presentation - Info-Lunch, 03.11.2004 Fighting Spam Hmmm, tasty!! Spamassassin Program for filtering unwanted Email messages Classifies Emails with

424 views • 30 slides
Guidance for Macros in PowerPoints We use macros within PowerPoints to increase the interactivity

Guidance for Macros in PowerPoints We use macros within PowerPoints to increase the interactivity

Guidance for Macros in PowerPoints We use macros within PowerPoints to increase the interactivity of our presentations. Follow this simple process to get the most out of this resource. What to do: Open the PowerPoint file and enable editing. A

211 views • 17 slides
Disclaimer This presentation has been prepared by Commission staff to provide general information

Disclaimer This presentation has been prepared by Commission staff to provide general information

Canadas Anti -Spam Legislation Information Session 2014 Disclaimer This presentation has been prepared by Commission staff to provide general information with respect to Canadas Anti -spam Legislation. This material is not to

494 views • 38 slides
Privacy and your business: An introduction to the Personal Information Protection and Electronic

Privacy and your business: An introduction to the Personal Information Protection and Electronic

Privacy and your business: An introduction to the Personal Information Protection and Electronic Documents Act SLIDE (1) Title Slide PRIVACY AND YOUR BUSINESS: An introduction to the Personal Information Protection and Electronic Documents Act.

294 views • 26 slides
Cyber Crime & IT Fraud Could your organisation survive if it lost $20,000? $50,000? Or $1

Cyber Crime & IT Fraud Could your organisation survive if it lost $20,000? $50,000? Or $1

Speaker: Stuart Hutcheon (Partner - StewartBrown) Cyber Crime & IT Fraud Could your organisation survive if it lost $20,000? $50,000? Or $1 million overnight? Overview History Categories of Cyber Crime Contents and Outline

320 views • 19 slides

More recommend