More OutsideIntel Background

I started building OutsideIntel just a handful of years ago, but it was based on an idea I had 20 years ago. I have only recently begun to be able to realize my idea. As I left WhiteHat Security as their VP of labs, I decided I had better write about my experiences running this analysis platform. When people see it they call me “the mini NSA” – a dubious title. But still, OutsideIntel has come in handy during business in more ways than I can possibly say. But here are a few off the top of my head:

  • It helped me find Hillary Clinton’s mail servers, and associated infrastructure. Once her email became visible, it was trivial to find the associated servers, including admin backend, Outlook web access server, etc.
  • It helped me find Rick Perry’s backend campaign management infrastructure.
  • It’s helped me in meetings where I would have said the wrong thing, without knowing what other investments the CEO had privately made. I ended up making a great friend and huge ally due to avoiding that landmine.
  • It’s given me intelligence on my friends’ projects where they weren’t willing to provide me the information naturally, but I was able to figure it out based on the facts at hand. That’s helped me help them in ways that were only clear later – and again strengthened relationships.
  • It enabled me to figure out how Ashley Madison was compromised, even long after they fixed the issue, and what stopgaps they’ve made since then.
  • It’s helped me countless times see how well companies are doing to aid my friends in their job hunts as they ask the important questions – should they go work for the company in question or not?
  • It’s helped me do competitive analysis and help companies identify their competition’s goals before public announcements were made.
  • It’s helped me do analysis on what companies own as they attempt to shore up their own infrastructure. Working as a consultant with them, it’s made my life significantly easier.
  • And on and on…

My goal with this project is to increase OutsideIntel’s abilities over time (which requires development work, more computing resources, and significantly more storage). Eventually I aim to sell OutsideIntel to a company (hedge fund, investment group, corporation who does M&A, etc…) who sees the same thing I do. Corporate intelligence is, simply stated, one of the most valuable things to have. Knowing what people are building, where they’re building, who they’re building for, how many customers they have, how much traffic they get, etc. turns out to be some of the most valuable information available. But only if you know what you’re looking at. It’s not just the terabytes of data, it’s how the data is presented, and knowing what to look for that makes it valuable.

Linode Suffering In DDoS Aftermath

Confidence: Medium
Impact: Medium
Disposition of finding: Negative

Linode, LLC is a hosting service provider based out of Galloway, New Jersey. It’s focused on cloud computing, and competes with the likes of Rackspace and Amazon’s EC2. Primarily focused on performance and cost, they attract a certain class of customer who is focused on availability and capital costs associated with infrastructure.

In late 2015, Linode suffered a sustained and long-term distributed denial of service attack against their network. These attacks are frequent, but it appears that they were unable to recover in any meaningful amount of time. The infrastructure they have built was unable to keep up with the attack and subsequently, I have seen a decline of just over 21% in their customer base and associated infrastructure since/through the month of January. Customers appear to be leaving due to the sustained attack.

This is to be expected given that Linode customers are often hyper-focused on availability, as companies like Google place higher importance on companies that load quickly. This is due to the belief that bounce rate is higher on sites that load slowly. As such, it is unlikely that Linode can go public in the near term and, on top of the damage due to the attack, the company will no doubt need to outlay more capital expenditure as they attempt to mitigate the attack (e.g. buying access to Akamai’s Prolexic, or Arbor, etc.).

Obligatory legal disclaimer.