Over the past week friend and VUC regular contributor Fred Posner has been suffering a SIP attack from someone using the Amazon EC2 cloud. Fred’s more than just a friend, he’s a well established small businessman and an upstanding member of the Asterisk user community.
On his VoIP Tech Chat blog Fred has documented with outstanding clarity his attempts to report the attack that he has suffered this past week, and Amazon’s rather limited response. My opinion is that Fred has done exactly as he should in his efforts to report the attack. It’s Amazon’s response that has fallen short.
In fact, I am so unimpressed with Amazon’s failure to live up to their responsibility as the host of EC2 services that I feel I am being forced to take a stand. They have been well and truly informed of the attack, in considerable detail, and yet in an entire week they have failed to act against the host that is perpetrating the attack. This is wholly unacceptable.
How is a small businessman such as Fred to counter such an attack? He can use technology to minimize the effect of the attack, but it still soaks up his bandwidth. That can’t be helped without upstream assistance.
That amazon has failed to act based upon good, solid evidence is completely reprehensible. So, the only act that I can muster is to simply stop doing business with Amazon. This something that I feel compelled to do.
Until Amazon acts in some significant way to eliminate the SIP attacks emanating from it’s EC2 service I will not do business with them. Period.
This is not an easy thing to do. I like Amazon and I’ve done a lot of business with them over the years. I have an Amazon Prime account and would normally go to them first for my online shopping. However, if they are acting irresponsibly with respect to malicious attacks originating from their systems then I cannot in good conscience keep doing business with them. Nor should you. It’s that simple.
I’m not alone in my determination of what to do in this matter. In the comment trail on Fred’s blog post you’ll find that Ward Mundy has already canceled his EC2 account. Just one way to try and get the companies attention.
I’ve submitted the story to Slashdot to try and get some daylight on the situation. Just an hour ago the Slashdot story was posted; SIP Attacks From Amazon EC2 Going Unaddressed.
Amazon, you’ve been warned. Time to do the right thing and bring to an end the SIP attacks emanating from your EC2 cloud.