Agencies release guide to protect against bulletproof hosting provider cybercrimes 

U.S. and international agencies Nov. 19 released a guide on mitigating potential cybercrimes from bulletproof hosting providers. A BPH provider is an internet infrastructure provider that intentionally markets and leases their infrastructure to cybercriminals. The agencies said they have recognized a notable increase in cybercriminals using BPH resources for cyberattacks on critical infrastructure and other targets. Mitigating malicious activity from BPH providers requires a nuanced approach, as BPH infrastructure is integrated into legitimate internet infrastructure systems, and actions from internet service providers or network defenders could impact legitimate activity. 

“Bulletproof hosts have long been used to facilitate cybercrime,” said Scott Gee, AHA deputy national advisor for cybersecurity and risk. “They hide in plain sight, looking like other legitimate providers. They do not cooperate with law enforcement investigations, providing cybercriminals cover for their activities.” 

For more information on this or other cyber and risk issues, contact Gee at sgee@aha.org. For the latest cyber and risk resources and threat intelligence, visit aha.org/cybersecurity.