Uncooperative Russian ISP Prevents Cisco From Shutting Down Cybercriminal Gang

An anonymous reader writes: Cisco's Talos research team has managed to identify and partially shut down a cyber-criminal group that is using the RIG exploit kit to infect users with spambots via a malvertising campaign. Their investigation led them back to Russian ISP Eurobyte, who didn't bother answering critical emails and allowed the campaign to go on even today. In October 2015, Cisco's researchers also thwarted the activity of another group of cyber-criminals that made around $30 million from distributing ransomware.

Re:Block all traffic to/from Russia and China.

I run my own firewall and I actually did block, among some other areas, everything East from my country, including Russia. Whole of Asia, Africa, South America and Australia. The average attack attempts to my web servers dropped from hundreds per week to a couple per week. It's also really nice how you can block inbound and outbound or just inbound traffic.

Re:Block all traffic to/from Russia and China.

[myowntrueself]

I run my own firewall and I actually did block, among some other areas, everything East from my country, including Russia. Whole of Asia, Africa, South America and Australia. The average attack attempts to my web servers dropped from hundreds per week to a couple per week. It's also really nice how you can block inbound and outbound or just inbound traffic.

And yet you let through traffic from the USA? The number one source of internet attacks?

http://www.statista.com/statis...