M3AAWG General Meeting, Boston, Mass., October 21, 2014 – The founder of a far-reaching, volunteer program to identify millions of servers on the Internet with open DNS settings that could be commandeered in DDoS and spoofing attacks was honored with the 2014 J.D. Falk Award at the M3AAWG 32nd General Meeting today in Boston. Jared Mauch received the award from the Messaging, Malware and Mobile Anti-Abuse Working Group for three related projects that help prevent vulnerable servers from being used in cyber assaults: The Open Resolver Project, the Open NTP Project and the Open SNMP Project.
With the frequency and intensity of DDoS attacks escalating, pinpointing the enormous number of Internet-facing servers with open DNS and other network settings that can be unknowingly deployed in these outbreaks is an important but massive undertaking. The programs developed by Mauch collect current Internet data to identify exposed machines and provide this information to the trusted security community for remediation.
“Sharing this information with the industry and community has plugged a huge hole in Internet security and it has contributed to the overall decline in open DNS traffic. Jared invested his personal time and energy to get this work off the ground and he continues to run the projects every day without fanfare. This is the type of selfless dedication to protecting end-users that the J.D. Falk Award was created to recognize and encourage,” M3AAWG Chairman of the Board Chris Roosenraad said.
A network engineer at NTT Communications Global IP Network, a business unit of NTT America, Mauch started the Open Resolver Project in early 2013 to provide both his employer and the security community at large with vital data identifying servers at risk. As he outlined in a video describing the projects and recent results, Mauch performs weekly scans, gathers information on exposed hosts, then shares it with Computer Emergency Response Teams, ISPs and network equipment vendors. CERTS, network operators and hardware vendors use his data stream to alert their customers to issues and reduce the number of susceptible servers online. The data is also critically important to other security researchers in their efforts to track ongoing attacks.
In early 2014, Mauch expanded his scanning perimeters to include the Network Timing Protocol commonly used in online management with the Open NTP Project. In June, he added the Open SNMP Project and found publicly available information for over seven million hosts that could be used in spoofing or other crimes when he scanned based on the widely-used Simple Network Management Protocol.
Mauch said, “We started these projects because we needed a way to quantify the size, scope and community risk posed by these protocols. Many people perform similar one-time surveys and scans, but we thought having a persistent program would contribute to the continuous improvement of the Internet. Community outreach and data sharing has been critical. I’ve tried to share the data with those who can take direct action in helping to remediate the global risk from the exposed systems.”
The annual award was announced during the M3AAWG General Meeting being held October 20-23 in Boston with over 400 technical and public policy security experts participating in more than 45 sessions. The award was started to draw attention to a dedicated person who works altruistically behind the scenes to improve Internet security through the implementation of a specific project. The M3AAWG Mary Litynski Award, honoring lifetime achievement in the online anti-abuse industry, will be presented at the organization’s San Francisco meeting in February 2015.
About the Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG)
The Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) is where the industry comes together to work against bots, malware, spam, viruses, denial-of-service attacks and other online exploitation. M3AAWG (www.M3AAWG.org) represents more than one billion mailboxes from some of the largest network operators worldwide. It leverages the depth and experience of its global membership to tackle abuse on existing networks and new emerging services through technology, collaboration and public policy. It also works to educate global policy makers on the technical and operational issues related to online abuse and messaging. Headquartered in San Francisco, Calif., M3AAWG is driven by market needs and supported by major network operators and messaging providers.
# # #
Media Contact: Linda Marcus, APR, +1-949-887-8887, LMarcus@astra.cc, Astra Communications
M3AAWG Board of Directors: AT&T (NYSE: T); CenturyLink (NYSE: CTL); Cloudmark, Inc.; Comcast (NASDAQ: CMCSA); Constant Contact (NASDAQ: CTCT); Cox Communications; Damballa, Inc.; Facebook; Google; LinkedIn; Mailchimp; Orange (NYSE and Euronext: ORA); PayPal; Return Path; Time Warner Cable; Verizon Communications; and Yahoo! Inc.
M3AAWG Full Members: 1&1 Internet AG; Adobe Systems Inc.; AOL; BAE Systems Applied Intelligence; Campaign Monitor Pty.; Cisco Systems, Inc.; CloudFlare; Dyn; iContact/Vocus; Internet Initiative Japan (IIJ, NASDAQ: IIJI); Litmus; McAfee Inc.; Microsoft Corp.; Mimecast; Nominum, Inc.; Oracle Marketing Cloud; Proofpoint; Scality; Spamhaus; Sprint; Symantec; tw telecom and Twitter.
A complete member list is available at http://www.m3aawg.org/about/roster.