Krebs on Security

The data breach disclosed in March by security firm RSA received worldwide attention because it highlighted the challenges that organizations face in detecting and blocking intrusions from targeted cyber attacks. The subtext of the story was that if this could happen to one of the largest and most integral security firms, what hope was there for organizations that aren’t focused on security?

Security experts have said that RSA wasn’t the only corporation victimized in the attack, and that dozens of other multinational companies were infiltrated using many of the same tools and Internet infrastructure. But so far, no one has been willing to talk publicly about which other companies may have been hit.  Today’s post features a never-before-published list of those victim organizations. The information suggests that more than 760 other organizations had networks that were compromised with some of the same resources used to hit RSA. Almost 20 percent of the current Fortune 100 companies are on this list.

Since the RSA incident was disclosed, lawmakers in the U.S. Congress have taken a renewed interest in so-called “advanced persistent threat” or APT attacks. Some of the industry’s top security experts have been summoned to Capitol Hill to brief lawmakers and staff about the extent of the damage. The information below was shared with congressional staff.

Below is a list of companies whose networks were shown to have been phoning home to some of the same control infrastructure that was used in the attack on RSA. The first victims appear to have begun communicating with the attacker’s control networks as early as November 2010.

A few caveats are in order here. First, many of the network owners listed are Internet service providers, and are likely included because some of their subscribers were hit. Second, it is not clear how many systems in each of these companies or networks were compromised, for how long those intrusions persisted, or whether the attackers successfully stole sensitive information from all of the victims. Finally, some of these organizations (there are several antivirus firms mentioned  below) may be represented because they  intentionally compromised internal systems in an effort to reverse engineer malware used in these attacks.

Among the more interesting names on the list are Abbott Labs, the Alabama Supercomputer Network, Charles Schwabb & Co., Cisco Systems, eBay, the European Space Agency, Facebook, Freddie Mac, Google, the General Services Administration, the Inter-American Development Bank, IBM, Intel Corp., the Internal Revenue Service (IRS), the Massachusetts Institute of Technology, Motorola Inc., Northrop Grumman, Novell, Perot Systems, PriceWaterhouseCoopers LLP, Research in Motion (RIM) Ltd., Seagate Technology, Thomson Financial, Unisys Corp., USAA, Verisign, VMWare, Wachovia Corp., and Wells Fargo & Co.

At the end of the victim list is a pie chart that shows the geographic distribution of the command and control networks used to coordinate the attacks. The chart indicates that the overwhelming majority of the C&Cs are located in or around Beijing, China.

302-DIRECT-MEDIA-ASN
8e6 Technologies, Inc.
AAPT AAPT Limited
ABBOTT Abbot Labs
ABOVENET-CUSTOMER – Abovenet Communications, Inc
ACCNETWORKS – Advanced Computer Connections
ACEDATACENTERS-AS-1 – Ace Data Centers, Inc.
ACSEAST – ACS Inc.
ACS-INTERNET – Affiliated Computer Services
ACS-INTERNET – Armstrong Cable Services
ADELPHIA-AS – Road Runner HoldCo LLC
Administracion Nacional de Telecomunicaciones
AERO-NET – The Aerospace Corporation
AHP – WYETH-AYERST/AMERICAN HOME PRODUCTS
AIRLOGIC – Digital Magicians, Inc.
AIRTELBROADBAND-AS-AP Bharti Airtel Ltd., Telemedia Services
AIS-WEST – American Internet Services, LLC.
AKADO-STOLITSA-AS _AKADO-Stolitsa_ JSC
ALCANET Corporate ALCANET Access
ALCANET-DE-AS Alcanet International Deutschland GmbH
ALCATEL-NA – Alcanet International NA
ALCHEMYNET – Alchemy Communications, Inc.
Alestra, S. de R.L. de C.V.
ALLIANCE-GATEWAY-AS-AP Alliance Broadband Services Pvt. Ltd.,Alliance Gateway AS,Broadband Services Provider,Kolkata,India
ALMAZAYA Almazaya gateway L.L.C
AMAZON-AES – Amazon.com, Inc.
AMERITECH-AS – AT&T Services, Inc.
AMNET-AU-AP Amnet IT Services Pty Ltd
ANITEX-AS Anitex Autonomus System
AOL-ATDN – AOL Transit Data Network
API-DIGITAL – API Digital Communications Group, LLC
APOLLO-AS LATTELEKOM-APOLLO
APOLLO-GROUP-INC – University of Phoenix
APT-AP AS
ARLINGTONVA – Arlington County Government

ARMENTEL Armenia Telephone Company
AS INFONET
AS3215 France Telecom – Orange
AS3602-RTI – Rogers Cable Communications Inc.
AS4196 – Wells Fargo & Company
AS702 Verizon Business EMEA – Commercial IP service provider in Europe
ASATTCA AT&T Global Network Services – AP
ASC-NET – Alabama Supercomputer Network
ASDANIS DANIS SRL
ASGARR GARR Italian academic and research network
ASIAINFO-AS-AP ASIA INFONET Co.,Ltd./ TRUE INTERNET Co.,Ltd.
ASIANDEVBANK – Asian Development Bank
ASN852 – Telus Advanced Communications
AS-NLAYER – nLayer Communications, Inc.
ASTOUND-CABLE – Wave Broadband, LLC
AT&T Global Network Services – EMEA
AT&T US
ATMAN ATMAN Autonomous System
ATOMNET ATOM SA
ATOS-AS ATOS Origin Infogerance Autonomous System
ATT-INTERNET4 – AT&T Services, Inc.
AUGERE-AS-AP Augere Wireless Broadband Bangladesh Limited
AVAYA AVAYA
AVENUE-AS Physical person-businessman Kuprienko Victor Victorovich
AXAUTSYS ARAX I.S.P.
BACOM – Bell Canada
BAHNHOF Bahnhof AB
BALTKOM-AS SIA _Baltkom TV SIA_
BANGLALINK-AS an Orascom Telecom Company, providing GSM service in Bangladesh
BANGLALION-WIMAX-BD Silver Tower (16 & 18th Floor)
BANKINFORM-AS Ukraine
BASEFARM-ASN Basefarm AS. Oslo – Norway
BBIL-AP BHARTI Airtel Ltd.
BBN Bredbaand Nord I/S
BC-CLOUD-SERVICES
BEAMTELE-AS-AP Beam Telecom Pvt Ltd
BEE-AS JSC _VimpelCom_
BELINFONET Belinfonet Autonomus System, Minsk, Belarus
BELLSOUTH-NET-BLK – BellSouth.net Inc.
BELPAK-AS BELPAK
BELWUE Landeshochschulnetz Baden-Wuerttemberg (BelWue)
BENCHMARK-ELECTRONICS – Benchmark Electronics Inc.
BEND-BROADBAND – Bend Cable Communications, LLC
BEZEQ-INTERNATIONAL-AS Bezeqint Internet Backbone
BIGNET-AS-ID Elka Prakarsa Utama, PT
BLUEWIN-AS Swisscom (Schweiz) AG
BM-AS-ID PT. Broadband Multimedia, Tbk
BN-AS Business network j.v.
BNSF-AS – Burlington Northern Sante Fe Railway Corp
BNT-NETWORK-ACCESS – Biz Net Technologies
BORNET Boras Energi Nat AB
BREEZE-NETWORK TOV TRK _Briz_
BSC-CORP – Boston Scientific Corporation
BSKYB-BROADBAND-AS BSkyB Broadband
BSNL-NIB National Internet Backbone
BT BT European Backbone
BT-ITALIA BT Italia S.p.A.
BTN-ASN – Beyond The Network America, Inc.
BTTB-AS-AP Telecom Operator & Internet Service Provider as well
BT-UK-AS BTnet UK Regional network
CABLECOM Cablecom GmbH
CABLE-NET-1 – Cablevision Systems Corp.
CABLEONE – CABLE ONE, INC.
CABLEVISION S.A.
CACHEFLOW-AS – Bluecoat Systems, Inc.
CANET-ASN-4 – Bell Aliant Regional Communications, Inc.
CANTV Servicios, Venezuela
CAPEQUILOG – CapEquiLog
CARAVAN CJSC Caravan-Telecom
CARRIER-NET – Carrier Net
CATCHCOM Ventelo
CCCH-3 – Comcast Cable Communications Holdings, Inc
CDAGOVN – Government Telecommunications and Informatics Services
CDS-AS Cifrovye Dispetcherskie Sistemy
CDT-AS CD-Telematika a.s.
CE-BGPAC – Covenant Eyes, Inc.
CELLCO-PART – Cellco Partnership DBA Verizon Wireless
CENSUSBUREAU – U. S. Bureau of the Census
CERNET-ASN-BLOCK – California Education and Research Federation Network
CERT – Computer Emergency Response Team (CERT) – Coordination Center
CGINET-01 – CGI Inc
CHARLES-SCHWAB – Charles Schwab & Co., Inc.
CHARTER-NET-HKY-NC – Charter Communications
CHINA169-BACKBONE CNCGROUP China169 Backbone
CHINA169-BJ CNCGROUP IP network China169 Beijing Province Network
CHINA169-GZ China Unicom IP network China169 Guangdong province
CHINANET-BACKBONE No.31,Jin-rong Street
CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation
CHINANET-SH-AP China Telecom (Group)
CIPHERKEY – Cipherkey Exchange Corp.
CISCO-EU-109 Cisco Systems Global ASN – ARIN Assigned
CITEC-AU-AP QLD Government Business (IT)
CITelecom-AS
CITYNET – CityNet
CLARANET-AS ClaraNET
CLIX-NZ TelstraClear Ltd
CMCS – Comcast Cable Communications, Inc.
CMNET-BEIJING-AP China Mobile Communicaitons Corporation
CMNET-GD Guangdong Mobile Communication Co.Ltd.
CMNET-V4SHANDONG-AS-AP Shandong Mobile Communication Company Limited
CNCGROUP-GZ CNCGROUP IP network of GuangZhou region MAN network
CNCGROUP-SH China Unicom Shanghai network
CNIX-AP China Networks Inter-Exchange
CNNIC-DSNET-AP Shanghai Data Solution Co., Ltd.
CNNIC-WASU-AP WASU TV & Communication Holding Co.,Ltd.
CO-2COM-AS 2COM Co ltd.
COGECOWAVE – Cogeco Cable
COGENT Cogent/PSI
COLO4 – Colo4Dallas LP
COLOMBIA TELECOMUNICACIONES S.A. ESP
COLT COLT Technology Services Group Limited
COLUMBUS-NETWORKS – Columbus Networks USA, Inc.
COMCAST-33490 – Comcast Cable Communications, Inc.
COMCAST-33491 – Comcast Cable Communications, Inc.
COMCAST-36732 – Comcast Cable Communications, Inc.
COMCAST-7015 – Comcast Cable Communications Holdings, Inc
COMCAST-7725 – Comcast Cable Communications Holdings, Inc
COMCAST-HOUSTON – Comcast – Houston
COMHEM-SWEDEN Com Hem Sweden
COMNET-TH KSC Commercial Internet Co. Ltd.
Completel Autonomous System in France
COMSAT COLOMBIA
COMSTAR COMSTAR-Direct global network
CORBINA-AS Corbina Telecom
COVAD – Covad Communications Co.
CPMBLUE-AS-BD CPM BLUE ONLINE LTD.Transit AS Internet Service Provider, Dhaka
CRRSTV – CRRS-TV
CSC Computer Management and CSC Denmark
CSC-IGN-AUNZ-AP Computer Sciences Corporation
CSC-IGN-EMEA – Computer Sciences Corporation
CSC-IGN-FTW – Computer Sciences Corporation
CSLOXINFO-AS-AP CS LOXINFO PUBLIC COMPANY LIMITED
CSP-AS CSP
CSUNET-NW – California State University Network
CSXT-AS-1 – CSX Technology
CTIHK-AS-AP City Telecom (H.K.) Ltd.
CTS-MD I.S. Centrul de Telecomunicatii Speciale
CXA-ALL-CCI-22773-RDC – Cox Communications Inc.
CYBERVERSE – Cyberverse, Inc.
CYPRESS-SEMICONDUCTOR – Cypress Semiconductor
CYTA-NETWORK Cyprus Telecommunications Authority
DARLICS-AS Darlics ltd. provides IP transport and Internet
DATAGRUPA SIA _Datagrupa.lv_ Marijas 7 – 412a Riga, LV-1050, LATVIA
DCI-AS DCI Autonomous System
DECHO – Decho Corporation
DFINET DFi Service SA
DHL-AS DHL Systems Inc.
DHSINETNOC – DEPARTMENT OF HOMELAND SECURITY
DIGCOMM Digital communications, LTD
DIGITAL-TELEPORT – Digital Teleport Inc.
DIL-AP DIRECT INTERNET LTD.
DIN-AS TOMSKTELECOM AS
DINAS-AS PE Kuznetsova Viktoria Viktorovna
DINET-AS Digital Network JSC
Diveo do Brasil Telecomunicacoes Ltda
DK-ESS-AS Syd Energi Bredbaand A/S
DMSLABNET – DoD Network Information Center
DNC-AS IM Data Network Communication SRL
DNEO-OSP7 – Comcast Cable Communications, Inc.
DNIC-ASBLK-00721-00726 – DoD Network Information Center
DNIC-ASBLK-27032-27159 – DoD Network Information Center
DOGAN-ONLINE Dogan Iletisim Elektronik Servis Hizmetleri
DOMAINFACTORY domainfactory GmbH
DOMAINTOOLS – DomainTools, LLC
DONTELE-AS Telenet LLC
DOPC-AS
DOPC-AS-NGN
DOPC-AS-US
DREAMHOST-AS – New Dream Network, LLC
DREAMX-AS DREAMLINE CO.
DRWEB-AS Doctor Web Ltd
DSE-VIC-GOV-AS Department of Sustainability & Environment,
DSIJSC-AS DSI Autonomous system
DSLEXTREME – DSL Extreme
DTAG Deutsche Telekom AG
DWL-AS-IN Dishnet Wireless Limited. Broadband Wireless
DYNDNS – Dynamic Network Services, Inc.
EASYDNS EasyDNS Technologies, Inc.
EASYNET Easynet Global Services
EBAY – eBay, Inc
ECI-TELECOM-LTD ECI Telecom-Ltd.
EDGECAST – EdgeCast Networks, Inc.
EIRCOM Eircom
ELISA-AS Elisa Oyj
EMBARQ-WNPK – Embarq Corporation
EMBIT-AS BURTILA & Co. ELECTRON M.BIT SRL
EMC-AS12257 – EMC Corporation
EMCATEL
EMIRATES-INTERNET Emirates Internet
EMOBILE eMobile Ltd.
ENTEL CHILE S.A.
EPM Telecomunicaciones S.A. E.S.P.
EQUANT-ASIA Equant AS for Asian Region covering Japan
EQUINIX-EDMA-ASH-ASN – Equinix, Inc.
ERICSSON-APAC-MY-AS Ericsson Global Services. BUGS N&V APAC
ERX-SINGNET SingNet
ESRI – Environmental Systems Research Institute
ESS-PR-WEBMASTERS – ESS/PR WebMasters
EthioNet-AS
ETISALAT-MISR
ETPI-IDS-AS-AP Eastern Telecoms Phils., Inc.
ETSI Autonomous System
EURONET Online Breedband B.V. Global AS
European Space Agency
EUSKALTEL Euskaltel S.A.
EXCELL-AS Excellmedia
EXIM – Export Import Bank of the U.S
FACEBOOK – Facebook, Inc.
FANNIEMAE – Fannie Mae
FasoNet-AS
FASTMETRICS – Fastmetrics, LLC
FAST-TELCO Fast Telecommunications Company W.L.L.
FASTWEB Fastweb SpA
FAWRI-AS
FDA – Parklawn Computer Center / DIMES HQ
FIBREONE-AS fibre one networks GmbH, Duesseldorf
FITC-AS – FITC – FedEx International Transmission Corporation
FMAC-I-BILLING – Freddie Mac
FMI-NET-AS – Freeport-McMoran Inc.
FORATEC-AS Foratec Communication AS at Sverdlovsk, Tyumen, Perm regions
FORTINET-CANADA – Fortinet Inc.
FPT-AS-AP The Corporation for Financing & Promoting Technology
FRONTIER-AND-CITIZENS – Frontier Communications of America, Inc.
FRONTIER-FRTR – Frontier Communications of America, Inc.
FR-RENATER Reseau National de telecommunications pour la Technologie
FULLRATE Fullrate A/S
FX-PRIMARY-AS FX Networks Limited
GBLX Global Crossing Ltd.
GET-NO GET Norway
GHANATEL-AS
GIGAINFRA Softbank BB Corp.
GLOBAL-SPLK – Sprint International
GLOBE-TELECOM-AS Globe Telecoms
GOLDENLINES-ASN 012 Smile Communications Main Autonomous System
GOLDENTELECOM-UKRAINE Golden Telecom
GOOGLE – Google Inc.
GRAMEENPHONE-AS-AP GrameenPhone Ltd.
GSA-GOV – General Services Administration
GT-BELL – Bell Canada
Gtd Internet S.A.
GYRON ====
H3G-AS H3G S.p.A.
H3GUKNIE Hutchison 3G UK and Ireland Core AS
HANARO-AS Hanaro Telecom Inc.
HATHWAY-NET-AP Hathway IP Over Cable Internet
HETZNER-AS Hetzner Online AG RZ
HHES – HAMILTON HYDRO ELECTRIC SYSTEM
HINET Data Communication Business Group
HKNET-AP HKNet Co. Ltd
HKTIMS-AP PCCW Limited
HNS-DIRECPC – Hughes Network Systems
HOPONE-GLOBAL – HopOne Internet Corporation
HOSTEUROPE-AS AS of Hosteurope Germany / Cologne
HP-INTERNET-AS Hewlett-Packard Company
HTCL-IAS-HK-AP Hutchison Telephone Company Limited
HTIL-TTML-IN-AP Tata Teleservices Maharashtra Ltd
HURRICANE – Hurricane Electric, Inc.
HUTCHISON-AS-AP Hutchison Global Communications
HUTCHVAS-AS Vodafone Essar Ltd., Telecommunication – Value Added Services,
IADB-NETWORKS – The Inter-American Development Bank
IAM-AS
IBM E-business Hosting Delivery
IBMCCH-RTP – IBM
IBMCCH-SBY – IBM
IBMDES-AS – IBM Dallas Engineering & Scientific
IBSNAZ Telecom Italia S.p.a.
IBURST-GH
ICONNECT-BD Planners Tower
IDK-NETWORK CJSC Interdnestrcom AS
IEUNET BT Ireland Backbone
IFX-NW – IFX Communication Ventures, Inc.
IHNET – IHNetworks, LLC
IINET iiNet Limited
IJ-NET – Internet Junction Corp.
ILX-ASN – THOMSON FINANCIAL
IN2CABLE-AP AS Number of In2cable.com (India) Ltd.
INDONET-AS-AP INDO Internet, PT
INDOSATM2-ID INDOSATM2 ASN
INEA-AS INEA S.A.
INET-AS-ID PT. Inet Global Indo
INETCOMM-AS INET LTD
I-NETPARTNER-AS I-NetPartner GmbH ASN
INETTEHNO Inet Tehno
INFINEON-AS Infineon AG
INFINEON-SG 8 Kallang Sector
INFLOW19294 – Inflow Inc.
INFOSPHERE NTT PC Communications, Inc.
INFOSTRADA Infostrada S.p.A.
INIT7 Init7 Global Backbone
INS-AS – AT&T Data Communications Services
Instituto Costarricense de Electricidad y Telecom.
Instituto Tecnol??gico y de Estudios Superiores de Monterrey
INTEGRATELECOM – Integra Telecom, Inc.
INTELSAT Intelsat Global BGP Routing Policy
INTEL-SC-AS – Intel Corporation
INTERNAP-2BLK – Internap Network Services Corporation
INTERNAP-BLK – Internap Network Services Corporation
INTERNAP-BLK – Internap Network Services Corporation
INTERNAP-BLK3 – Internap Network Services Corporation
INTERNAP-BLOCK-4 – Internap Network Services Corporation
INTERNETIA-AS Netia SA
INTERNET-PATH – Internet Path, Inc.
INTERNET-PRO-AS Internet-Pro Ltd
INTEROUTE Interoute Communications Ltd
INTERPHONE-AS Interphone Ltd.
INTERTELECOM Intertelecom
IPASAULE-AS _Interneta Pasaule_ SIA
IPG-AS-AP Philippine Long Distance Telephone Company
IPGOMA – THE INTERPUBLIC GROUP OF COMPANIES, INC.
IPNXng
IPO-EU IP-Only Telecommunication Networks AB
IQUEST-AS – IQuest Internet
IRONPORT-SYSTEMS-INC – Cisco Systems Ironport Division
IRS – Internal Revenue Service
IS
ISC-AS1280 Internet Systems Consortium, Inc.
ISKON ISKON INTERNET d.d. za informatiku i telekomunikacije
ISKRATELECOM-AS ISKRATELECOM ZAO
ISP-KIM-NET Kalush Information Network LTD
ISSC-AS – ISSC
ISW – Internet Specialties West Inc.
ITNS ITNS. NET SRL
ITSCOM its communications Inc.
JAWWAL Jawwal will be multihoming with us AS15975 and AS12975
JAZZNET Jazz Telecom S.A.
Jordan Data Communications Company LLC
JUNIPER-NETWORKS – Juniper Networks, Inc.
KABELBW-ASN Kabel Baden-Wuerttemberg GmbH & Co. KG
KAISER-NCAL – Kaiser Foundation Health Plan
KAMOPOWER – KAMO Electric Cooperative, Inc.
KAZTELECOM-AS JSC Kazakhtelecom
KHERSON-TS Kherson Telecommunication Systems Ltd.
KIXS-AS-KR Korea Telecom
K-OPTICOM K-Opticom Corporation
KSNET KSNet
KSNET-AS Kyivstar GSM
KVH KVH Co.,Ltd
LANTELECOM-AS Lan-Telecom AS Number
LATISYS-ASHBURN – Latisys-Ashburn, LLC
LATNETSERVISS-AS LATNET ISP
LDCOMNET NEUF CEGETEL (formerly LDCOM NETWORKS)
LEASEWEB LEASEWEB AS
LEVEL3 Level 3 Communications
LGCNS-AS – LG CNS America Inc.
LGDACOM LG DACOM Corporation
LGH-AS-KR LGHitachi
LGNET-AS-KR LG CNS
LINKdotNET-AS
LINKLINE – LinkLINE Communications, Inc.
LINKNET-ID-AP Linknet ASN
LOQAL-AS Loqal AS
LUCENT-CIO – Lucent Technologies Inc.
LUGANET-AS ARTA Ltd
LVBALTICOM-AS _Balticom_ JSC
LVLT594-598 – Level 3 Communications, Inc.
LYSE-AS Altibox AS
MAGNUS-AS TOV _Magnus Limited_
MANGOTELESERVICE-AS-BD Only private Owned IIG in Bangladesh
MAP Moscow Network Access Point
MASERGY-US Masergy US Autonomous System
MASSCOM – Massillon Cable Communications
MAXIS-AS1-AP Binariang Berhad
MBL-AS-AP Micronet Broadband (Pvt) Ltd.
MCAFEE – McAfee, Inc.
MCAFEE-COM – McAfee, Inc.
MCC OJSC _Moscow Cellular Communications_,
MCI-ASN – MCI
MCT-SYDNEY Macquarie Telecom
MDITNET-AS ITNET (ITPAY SRL)
MEDIASERV-AS Mediaserv
Mega Cable, S.A. de C.V.
MEGAPATH2-US – MegaPath Networks Inc.
METROTEL REDES S.A.
MF-KAVKAZ-AS Caucasus Branch of OJSC MegaFon AS
MF-NWGSM-AS North-West Branch of OJSC MegaFon Network
MFNX MFN – Metromedia Fiber Network
MICRON21-AS-AU-AP Micron21 Melbourne Australia Datacentre. Co-Location Dedicated Servers Web Hosting
MICROSOFT-CORP-AS – Microsoft Corp
MICROSOFT-CORP—MSN-AS-BLOCK – Microsoft Corp
MISD-NET – Macomb Intermediate School District
MIT-GATEWAYS – Massachusetts Institute of Technology
MOLDCELL_AS Moldcell SA Autonomous System
MOLDDATA-AS Administrator of the top level domain .MD,
MOLDTELECOM-AS Moldtelecom Autonomous System
MORENET – University of Missouri – dba the Missouri Research and Education Network (MOREnet)
MOTOROLA – Motorola, Inc.
MOTOROLA-PHX – Motorola, Inc.
MP-ELEKTRONIKA-AS MP ELEKTRONIKA Autonomous System
MPX-AS Microplex PTY LTD
MTNL-AP Mahanagar Telephone Nigam Ltd.
MTS-INDIA-IN 334,Udyog Vihar
MTSNET OJSC _Mobile TeleSystems_ Autonomous System
N9E7X5E3N1I2N4C – Nexen Inc.
NAWALA-AS-ID Asosiasi Warung Internet Indonesia (AWARI)
NAWRAS-AS Omani Qatari Telecommunications Company SAOC
NBLNETWORKS-AS Nebula Oy Autonomous System
NC-FUNB-AS – WACHOVIA CORP
NCNET-AS National Cable Networks
NEOLINK CJSC _ER-Telecom Holding_ Izhevsk branch
NERIM Nerim SAS
NET-ACCESS-CORP – Net Access Corporation
NET-AIG – American International Group (AIG) Data Center, Inc.
NETCOM-AS NetCom as Autonomous system
NETELLIGENT – Netelligent Hosting Services Inc.
NEWCOM-AS NEWCOM mirror object from ARIN
NEWCOM-ASN New Com Telecomunicatii SA
NEWEDGENETS – New Edge Networks
NEWSKIES-NETWORKS SES WORLD SKIES ARIN AS, for routing RIPE space.
NEWTT-IP-AP Wharf T&T Ltd.
NEXTGENTEL NEXTGENTEL Autonomous System
NEXTTELL-VRN-AS LLC NextTell-Voronezh AS Number
NG-AS NextGen Communications SRL
NIANET-AS nianet is a Danish carrier and Internet Service Provider
NO_NAME
NOC – Network Operations Center Inc.
NOKIA Nokia Internet
NOKIA-AS NOKIANET APAC Data Centre network
NOKIANET_DALLAS NOKIANET Dallas office
Nominum Global NameServer network
NOMINUM-SKYE1 – SKYE
NORDLINKS-AS S.C. _NordLinks_ S.R.L.
NORMA-PLUS-AS TOV Norma Plus
NORTHROP-GRUMMAN – Northrop Grumman
NOVELL – Novell, Inc.
NTL Virgin Media Limited
NTT do Brasil Telecomunicaoes Ltda
NTT-COMMUNICATIONS-2914 – NTT America, Inc.
NUMERICABLE NUMERICABLE is a cable network operator in France, offering TV,VOICE and Internet services
NUVOX – NuVox Communications, Inc.
NV-ASN 013 NetVision Ltd.
NYFX-RTR – NYFIX, INC
O1COMM – O1 COMMUNICATIONS
OCN NTT Communications Corporation
OFIDEN – OppenheimerFunds, Inc.
OMD-FNO Orange Moldova Fix Network Autonomous System
OMNITURE ====
OPENDNS – OpenDNS, LLC
ORANGE-BUSINESS-SERVICES-SOUTHEUR Equant Inc.
ORANGE-BUSINESS-SERVICES-UK Orange Business Services (formerly Equant) AS for UK
OSIS-PACOM – Joint Intelligence Center Pacific
OVH OVH
P4NET P4 Sp. z o.o.
PACIFIC-INTERNET-INDIA-ASN Pacific Internet India Pvt. Ltd.
PACIFIC-INTERNET-IX Pacific Internet Ltd
PACNET Pacnet Global Ltd
PAH-INC – GoDaddy.com, Inc.
PAIR-NETWORKS – pair Networks
PALTEL-AS PALTEL Autonomous System
PARTNER-AS Partner Communications Ltd.
PBTL-BD-AS-AP Pacific Bangladesh Telecom Limited.
PDX – PORTLAND INTERNETWORKS
PEER1 – Peer 1 Network Inc.
Pegaso PCS, S.A. de C.V.
PERSNET Korea Telecom Freetel
PI-AU Pacific Internet (Australia) Pty Ltd
PI-HK Pacnet Internet (Hong Kong) Limited
PIXNET-AS – Providers Internet Exchange
PKTELECOM-AS-PK Pakistan Telecom Company Limited
PLUSSERVER-AS PlusServer AG, Germany
POLYCOM – Polycom, Inc.
POWEREDCOM KDDI CORPORATION
Prima S.A.
PRIMORYE-AS Open Joint Stock Company _Far East Telecommunications Company_
PRINCETON-AS – Princeton University
PROBENETWORKS-AS Probe Networks
PRONET_LV SIA _PRONETS_
PROXAD Free SAS
PS-NETPLEX-AS – Perot Systems
PT KPN Internet Solutions
PTK-CENTERTEL-DSL-AS PTK Centertel Sp. z o.o.
PTLP-CORE – People_s Tel Limited Partnership
PTPRIMENET PT PRIME – Solucoes Empresariais de Telecomunicacoes e Sistemas S.A.
PUBNET1-AS KT
PUSAN-AS-KR Pusan National University
PWC-AS – PriceWaterhouseCoopers, LLP
Q9-AS – Q9 Networks Inc.
Q9-AS-BRAM – Q9 Networks Inc.
QNETCZ QNET CZ s.r.o.
QSC-1 QSC AG
QUALCOMM – Qualcomm, Inc.
QUALCOMM-BLR-AS-AP Qualcomm Inc. Bangalore AS, Developer of CDMA Technology India
QWEST – Qwest Communications Company, LLC
RACKSPACE – Rackspace Hosting
RADIOGRAFICA COSTARRICENSE
RAPID-LINK-AS RAPID LINK SRL
RAYA-AS
RCN-AS – RCN Corporation
RDSNET RCS & RDS S.A.
Rede Nacional de Ensino e Pesquisa
REEDLAN-AS ISP REEDLAN
RELARN RELARN-MSK
RELIANCE-COMMUNICATIONS-IN Reliance Communications Ltd.DAKC MUMBAI
RELIANCEGLOBALCOM – Reliance Globalcom Services, Inc
RENAM RENAM Association
RIML-CORP-AS-3 – Research In Motion Limited
RIPE-NCC-AS RIPE Network Coordination Centre
RISC-SYSTEM – Rockwell Scientific Company
RMH-14 – Rackspace Hosting
RMIFL RM Education PLC – Internet for Learning
ROGERS-CABLE – Rogers Cable Communications Inc.
ROSTELECOM-AS JSC Rostelecom
ROSTOV-TELEGRAF-AS Rostovelectrosviaz_ of Public Joint Stock Company
RTCOMM-AS OJSC RTComm.RU
RTD ROMTELECOM S.A
RUSTAVI2ONLINEAS Caucasus Online LLC
RU-SURNET Uralsvyazinform, Chelyabinsk branch
RWT – RagingWire Telecommunications
SAFELINES The network of ISP Safelines,includes POPs in various cities
SAFENZ-TRANSIT-AS-NZ SafeNZ Networks LTD
SAITIS-NETWORK Saitis Network, N.Desir
SAMSUNGNETWORKS-AS-KR Samsung Networks Inc.
SAN-JUAN-CABLE – San Juan Cable, LLC
SASUSA SunGard Availability Services USA
SAVVIS – Savvis
SBIS-AS – AT&T Internet Services
SCARTEL-AS Scartel Ltd.
SCOTTS-AS – CITY OF SCOTTSBURG
SCRR-10796 – Road Runner HoldCo LLC
SCRR-11426 – Road Runner HoldCo LLC
SCRR-12271 – Road Runner HoldCo LLC
SCV-AS-AP SCV Broadband Access Provider
SDL-20-AS – Smithville Digital, LLC
SEAGATE-USA-MN-1 – Seagate Technology
SEEDNET Digital United Inc.
SELECTNET-AS – SelectNet Internet Services
SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o.
SERVICENET-AP Internet service provision to Western
SGNET-AS-AP Singapore Government Network AS
SHAW – Shaw Communications Inc.
SIBNETWORKS-AS Siberian Networks
SIFY-AS-IN Sify Limited
SIGMANET-NIC LU MII AS
SIKA-AS Sika Informationssysteme AG
SITA SITA
sixtelecoms-as
SKTELECOM-NET-AS SK Telecom., Ltd.
SKYNET-SPB-AS SkyNet Ltd.
SKYVISION SkyVision Network Services
SLTINT-AS-AP Sri Lanka Telecom Internet
SOFTLAYER – SoftLayer Technologies Inc.
SOFTNET-AS-AP Software Technology Parks of India – Bangalore
SOLNET BSE Software GmbH
SONICDUO-AS AS for MegaFon-Moscow
SONOMA – Sonoma Interconnect
SONY-APAC-AP Sony – ASN for Asia Pacific
SOVAM-AS OJSC _Vimpelcom_
SPBMTS-AS Mobile TeleSystems, OJSC, MR North-West
SPCS – Sprint Personal Communications Systems
SPEAKEASY – Speakeasy, Inc.
SPECTRANET FIRST FIBRE BROADBAND NETWORK IN NEW DELHI, INDIA
Sprint US
SPRINTLINK – Sprint
SPRINTLINK-HOSTING – SPRINT, Business Serices Group
SS-NOC-AS – Straitshot Communications, Inc.
STARHUBINTERNET-AS StarHub Internet Exchange
STARNET-AS StarNet Moldova
STATEL-AS Stavropol branch of Southern Telecommunications Company
STEADFAST – Steadfast Networks
STOMI – State of Michigan, DMB-CNOC
STSN-SLC-UT-US – STSN GENERAL HOLDINGS, INC.
SUDDENLINK-COMMUNICATIONS – Suddenlink Communications
SUMTEL-AS-RIPE Summa Telecom
SUNCOMMUNICATIONS-AS JV _Sun Communications_ Autonomous System
SUNRISE Sunrise Communications AG
SUPERNET-PAKISTAN-AS-AP Supernet Limited Transit Autonomous System Number
SURFCONTROL-US-ASN Websense Hosted Security Network
SURFNET-NL SURFnet, The Netherlands
SWEETNET-AS Private entrepreneur Bliznichenko Vitalij Volodumirovich
SWISSCOM Swisscom (Switzerland) Ltd
SWITCH SWITCH, Swiss Education and Research Network
SWKO – SOUTHWEST KANSAS ONLINE
TACHYON-AS-ID PT Remala Abadi
TATA-AS TATA ISP
TATACOMM-AS TATA Communications formerly VSNL is Leading ISP
TATTELECOM-AS Tattelecom.ru/Tattelecom Autonomous System
TC Radio Systems Autonomous System
TCH – TCH Network Services
TDC TDC Data Networks
TDDE-ASN1 Telefonica o2 Germany Autonomous System
TDN Tikona Digital Networks Pvt Ltd.
TEAM-CYMRU – Team Cymru Inc.
TE-AS TE-AS
TELCOMNET TelCom Ltd.
TELCOM-UA-AS _Telecomunikatsiina Companiya_ Ltd
TELE2
Telecom Argentina S.A.
TELECOMMD-AS ICS Networks Solutions SRL
Telecomunicacoes da Bahia S.A.
TELEFONICA CHILE S.A.
Telefonica de Argentina
Telefonica Empresas SA
TELEFONICA-DATA-ESPANA Internet Access Network of TDE
TELEKOM-AS TELEKOM SRBIJA a.d.
TELENERGO EXATEL S.A. Autonomous System
TELENET-AS Autonomous System of Teleset-Servis Ltd.
TELENET-AS Telenet N.V.
TELENOR-NEXTEL Telenor Norge AS
TELESC – Telecomunicacoes de Santa Catarina SA
TELESWEET-AS Telesweet ISP Autonomous System
TELETECH – TeleTech Holdings, Inc
Television Internacional, S.A. de C.V.
TELEZUG WWZ Telekom AG
TELIANET-DENMARK TeliaNet Denmark
TELIANET-SWEDEN TeliaNet Sweden
TELKOMNET-AS2-AP PT Telekomunikasi Indonesia
TELKOMSEL-ASN-ID PT. Telekomunikasi Selular
TELLCOM-AS Tellcom Iletisim Hizmetleri
Telmex Chile Internet S.A.
Telmex Colombia S.A.
TELSTRA Telstra Pty Ltd
TEOLTAB TEO LT AB Autonomous System
TERREMARK Terremark
TFN-TW Taiwan Fixed Network, Telco and Network Service Provider.
TFO-BOSTON – THOMSON FINANCIAL
THEPLANET-AS – ThePlanet.com Internet Services, Inc.
T-HT T-Com Croatia Internet network
TINET-BACKBONE Tinet SpA
TISCALI-UK Tiscali UK
TISNL-BACKBONE Telfort B.V.
TKPSA-AS TKP S.A. is 3S.pl network operator.
TKT-AS JSC TKT
TMIB-BD-AS-AP TM International Bangladesh Ltd. ISP, Gulshan-1,Dhaka-1212
TMN-AS TMN Autonomous System
TMNET-AS-AP TM Net, Internet Service Provider
TM-NETSYS-ASH – TicketMaster
TOMLINE Tomsk telecommunication company Ltd
TOTNET-TH-AS-AP TOT Public Company Limited
TPG-INTERNET-AP TPG Internet Pty Ltd
TPNET Telekomunikacja Polska S.A.
TRANSTEL S.A.
TRAVELERS – Travelers Property Casualty Corp.
TRENDMICRO Global IDC and Backbone of Trend Micro Inc.
TRENDMICRO Trend Micro Inc.
TRUENORTHCOMM – True North Communications
TSF-IP-CORE TeliaSonera Finland IP Network
TSU-SM – Texas State University – San Marcos
TTCLDATA
TTNET Turk Telekomunikasyon Anonim Sirketi
TTSL-MEISISP Tata Teleservices ISP AS
TULIP Tulip Telecom Ltd.
TURKCELL-AS TURKCELL ILETISIM HIZMETLERI A.S.
TVCABO-AS TVCABO Autonomous System
TWTC – tw telecom holdings, inc.
UAEXPRESS EXPRESS Radio Network
UARNET-AS Ukrainian Academic and Research Network
UA-SEECH Seech-Infocom NCC
UA-SMART-AS Broadcasting company _Smart_ Ltd
UCOM UCOM Corp.
UCSB-NET-AS – University of California, Santa Barbara
UCSC – University of California, Santa Cruz
UDMVT-AS OJSC VolgaTelecom branch in Udmurtia Republic AS Number
UECOMM-AU Uecomm Ltd
UKRBIT-NET-AS SPD Bilopol Roman Leonidovich
UKRTELNET JSC UKRTELECOM,
ULTRADNS – Centergate Research, LLC.
UMANITOBA – University of Manitoba
UMC-AS UMC Autonomous System
UMICH-AS-5 – University of Michigan
UMN Ural-TransTeleCom Autonomous System
UNI2-AS France Telecom Espana SA
Uninet S.A. de C.V.
UNINETT UNINETT, The Norwegian University & Research Network
UNISYS-6072 For routing issues, email hostmaster@unisys.com
UNISYS-AP-UI-AS-AP Unisys AsiaPac Intranet Access to Internet
UNISYS-AS-E – Unisys Corporation
Universidad Nacional de Colombia
University de Los Andes
UNL-AS – University of Nebraska-Lincoln
UNSPECIFIED
UPC UPC Broadband
UPITT-AS – University of Pittsburgh
URAN URAN Autonomous system
USAA – USAA
USI Uralsviazinform
UUNET – MCI Communications Services, Inc. d/b/a Verizon Business
UUNET-INT – MCI Communications Services, Inc. d/b/a Verizon Business
VEGA-OD-UA DCS Ltd.
VERISIGN-CORP – VeriSign Infrastructure & Operations
VERSATEL AS for the Trans-European Tele2 IP Transport backbone
VIA-NET-WORKS-AS PSINet Europe / VIA NET.WORKS international AS
VIAPASS-FR VIAPASS SAS
VIDEOTRON – Videotron Telecom Ltee
VIETEL-AS-AP Vietel Corporation
VINAKOM – VINAKOM COMMUNICATIONS
VINS – ViaWest
VIRGINIA-AS – University of Virginia
VITSSEN-SUWON-AS-KR Tbroad Suwon Broadcating Corporati
VMWARENET-1 – VMWare, Inc.
VNET-AS VNET ISP Bratislava, Slovakia, SK
VNPT-AS-VN Vietnam Posts and Telecommunications (VNPT)
VODAFONE_ICELAND Backbone Autonomous System
VODAFONE-IT-ASN Vodafone N.V.
VODANET International IP-Backbone of Vodafone
VOLIA-AS Kyivski Telekomunikatsiyni Merezhi LLC
VOLKSWAGEN Volkswagen AG, Wolfsburg 1
VRIS-AS-BLOCK – Verizon Online LLC
VSI-AS VSI AS
VTX-NETWORK VTX Services SA
VZB-AU-AS Verizon Australia PTY Limited
VZGNI-TRANSIT – Verizon Online LLC
WATEEN-IMS-PK-AS-AP National WiMAX/IMS environment
WAYPORT – AT&T Wi-Fi Services
Webex Communications, Inc.
WEBSENSE Websense, Inc.
WELLSFARGO – Wells Fargo & Company
WESTHOST – WestHost, Inc.
WESTNET-AS-AP Westnet Internet Services
WESTPUB-A – West Publishing Corporation
WICAM-AS WiCAM ISP Cambodia Peering AS
WIDEXS ion-ip B.V.
WINDSTREAM – Windstream Communications Inc
WIRELESSNET-ID-AP WIRELESSNET AS
WITCOM- Wiesbadener Informations – und Telekommunikations GmbH
WN-AS Private enterprise Gorbunov A.A.
WORLDBANK-AS – WORLD BANK
WORLDCALL-AS-LHR Worldcall Broadband Limited
WORLDNET-AS World Net & Services Co., Ltd.
WOW-INTERNET – WideOpenWest Finance LLC
WXC-AS-NZ WorldxChange Communications LTD
WYOMING – wyoming.com
XO-AS15 – XO Communications
XS4ALL-NL XS4ALL
XTRA-AS Telecom XTRA, Auckland, NZ
YAHOO-BANGALORE-AS-AP Yahoo Bangalore Network Monitoring Center
YAHOO-US – Yahoo
ZIGGO Ziggo – tv, internet, telefoon
ZIPNETBD-DKB-AS-AP Zipnet Limited DKB AS number

The following chart maps the location of more than 300 command and control networks that were used in these attacks. 299 of them were located in China.

Related posts:

1. Attackers Exploiting New Acrobat/Reader Flaw
2. RSA Among Dozens of Firms Breached by Zero-Day Attacks
3. Naming & Shaming Sources of Spam
4. Advanced Persistent Tweets: Zero-Day in 140 Characters
5. Cable: No Cyber Attack in Brazilian ’09 Blackout

Tags: advanced persistent threat, APT, China169-BJ CNCGroup, Fortune 100, RSA attack

This entry was posted on Monday, October 24th, 2011 at 12:01 am and is filed under A Little Sunshine, The Coming Storm. You can follow any comments to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.