Infiltrated dot Net

Dear Philips Corporation,

Since January 2011, a host in your network has been steadily trying to compromise not one, not two, but over 12 managed servers I have online. Normally, I would not create an entire article out of this but at this point the negligence from your company is scary. Have you not seen the news in recent months? Sony, RSA, L3 and a countless amount of other companies have been compromised. I believe your company is in this same category.

Previously, I sent out messages via LinkedIn to employees in your company, tried sending emails to your abuse addresses associated with your networks, I even took it upon myself to contact your upstream. The problem is, no one has responded. I hope now that this information is in the public domain, someone in your company will begin to respond.

Psst... Philips Corp? You there? Your network is either compromised or you have a rogue employee in one of your offices that has been attacking me now for over 6 months. Don't you think it's time you audit some of your servers or would you rather fork out $170 million [1] in determining what occurred? Maybe even have your stock drop 5% because of investor confidence, loss of business, etc.

Do you know the cost of fixing up your network is a heck of lot cheaper than aftermath of news reports reporting that your company has either rogue employees or is compromised. Wouldn't it make sense for someone working at Philips to give a hoot and pass this message along? Wouldn't it make sense for someone in your IT department to contact me so I can provide them with the logs of these attacks so they can go about ether a) firing your rogue employee or b) closing the gaping compromise of a hole that is allowing your network to attack not only my networks, but other networks?

Thanks for listening - any of you Philips Corp employees - that is of course, after 6 months and publicly outing these incidents, someone actually took a look.


$ awk '/PHILIPS/{print $7,$9,$21,$22}' nids/2ndQ/attackers.csv
20110420 bf85b024eec53c533630a4551d9f63a7 PHILIPS ELECTRONICS
20110421 fb17621acd4b0626c80ba8e66e963518 PHILIPS ELECTRONICS
20110425 fb17621acd4b0626c80ba8e66e963518 PHILIPS ELECTRONICS
20110430 8850509672ee7d983d9a511e31b13a9a PHILIPS ELECTRONICS
20110502 bf85b024eec53c533630a4551d9f63a7 PHILIPS ELECTRONICS
20110502 fb17621acd4b0626c80ba8e66e963518 PHILIPS ELECTRONICS
20110506 8850509672ee7d983d9a511e31b13a9a PHILIPS ELECTRONICS
20110507 8850509672ee7d983d9a511e31b13a9a PHILIPS ELECTRONICS
20110507 fb17621acd4b0626c80ba8e66e963518 PHILIPS ELECTRONICS
20110508 8850509672ee7d983d9a511e31b13a9a PHILIPS ELECTRONICS
20110509 fb17621acd4b0626c80ba8e66e963518 PHILIPS ELECTRONICS
20110510 bf85b024eec53c533630a4551d9f63a7 PHILIPS ELECTRONICS
20110514 fb17621acd4b0626c80ba8e66e963518 PHILIPS ELECTRONICS
20110517 8850509672ee7d983d9a511e31b13a9a PHILIPS ELECTRONICS
20110521 4fd0c880f8cbe31e4efc18890b4ac51a PHILIPS ELECTRONICS
20110522 8850509672ee7d983d9a511e31b13a9a PHILIPS ELECTRONICS
20110522 fb17621acd4b0626c80ba8e66e963518 PHILIPS ELECTRONICS
20110523 785c47968ae9a7d01a8e397aa318fe77 PHILIPS ELECTRONICS
20110523 8850509672ee7d983d9a511e31b13a9a PHILIPS ELECTRONICS
20110524 4fd0c880f8cbe31e4efc18890b4ac51a PHILIPS ELECTRONICS
20110524 8850509672ee7d983d9a511e31b13a9a PHILIPS ELECTRONICS
20110524 e22b6e201b3533a0dd1ac8bb47426169 PHILIPS ELECTRONICS
20110525 8850509672ee7d983d9a511e31b13a9a PHILIPS ELECTRONICS




[1] http://it.slashdot.org/story/11/05/23/1327230/PlayStation-Network-Hack-Will-Cost-Sony-170M
[2] http://www.maxconsole.net/content.php?45787-Sony-s-share-price-tumbles-5-due-to-PSN-security-compromise