991:
the company's business papers, Raymon
Saulino, matches a name tied to Packet Forensics. Packet Forensic had nearly $ 40 million in federal contracts over the past 10 years. It currently sells intercept equipment that allows law enforcement agencies to selectively wiretap individuals. The company received national attention in 2011 when a Wired story reported Packet Forensics was selling an application to the federal government that could spy on people's online browsers. Global Resource Systems LLC also has the same name as a firm that shut down over 10 years ago and was sending out email spam, internet fraud researcher Ron Guilmette told Associated Press. The company had the same street address and used the same internet routing identifier.
237:
155:
141:(BGP) routing data to diagnose Internet routing disruptions, such as those caused by communications fiber cable cuts, routing equipment failures, and governmental censorship. His academic background is in computer engineering, and he was a signals specialist in the U.S. Air Force, before arriving at his present specialty, which has occupied his professional career.
411:. The addresses belonged to the US Department of Defense, so this initially appeared to be the largest IP address hijacking in history. Madory's analysis identified a stranger situation, though: the shell company, "Global Resource Systems," was in fact contracted to the DoD, but was one of a family of shell companies controlled by
464:
438:
406:
On
January 20, 2021, Madory observed a previously unknown Delaware shell company launching a process which would ultimately BGP advertise more than 175 million IPv4 addresses. Worth $ 5.6 billion at February 2021 prices, this was by far the largest aggregate block on the Internet, more than twice the
990:
Global
Resource Systems LLC was created in September and has no prior government contracts. The company also does not have an online presence or a business license where it is registered in Plantation, Florida, though the company filed paperwork in October, for incorporation in Delaware. The name on
451:
357:
for three hours each morning for several consecutive days, on the same dates in 2014 and 2015, and discovered that the government had mandated the shutdowns to coincide with grade school final examinations, in order to hamper test cheating. He has subsequently observed the same events in
423:, ongoing in parallel at the time of the apparent hijacking. What appeared to be a simple, if vast, IP address hijacking turned out to instead be a DoD contracting scandal linked to an election disinformation scandal.
337:
to Cuba by the
Venezuelan government in 2010 and 2011, had been activated following an unexplained dormancy of two years. This cable, linking the Cuban domestic network to the Internet via
390:" cyber-attacks against alleged DDoS perpetrators, engaging in the BGP hijacking of IP prefixes and routes, specifically those of vDOS, an Israeli "booter" DDoS-for-hire service hosted by
317:
Madory is best known for the discoveries that are the product of his
Internet routing analysis: sometimes of interesting new phenomena on the Internet and sometimes of malfeasance online.
962:
644:
420:
572:
341:, was Cuba's first non-satellite international connection, and was a major milestone in Cuba's liberalization. Uncharacteristically, the Cuban state organ
713:
1101:
977:
305:
in April 2017. Madory remained in the same
Director of Internet Analysis position throughout each of these transitions, before leaving Oracle to join
913:
1091:
617:
1023:
735:
1004:
978:"4 unanswered questions about the mysterious company that began managing a big chunk of the internet minutes before Biden was sworn in"
1096:
284:
202:
501:
527:
796:
262:
180:
462:, "Methods and apparatus for real-time traffic steering using real-time user monitoring data", published 2021-06-01
887:
1053:
258:
176:
936:
528:"This former Air Force officer is one of the US' most renowned private-sector experts on the structure of the internet"
595:
247:
165:
773:
750:
864:
266:
251:
184:
169:
1059:
667:
379:
57:
436:, "Methods, systems, and apparatus for geographic location using trace routes", published 2019-01-03
387:
138:
1086:
1065:
841:
216:
72:
49:
446:
433:
459:
1081:
297:
Madory joined
Internet intelligence and technical analysis firm Renesys in 2009. Renesys was sold to
690:
888:"Minutes before Trump left office, millions of the Pentagon's dormant IP addresses sprang to life"
621:
395:
342:
302:
736:"Syria Shuts Down Internet to Prevent Cheating During National High School Exams, Say Insiders"
956:
220:
79:
137:
is an
American Internet routing infrastructure expert, who specializes in analyzing Internet
416:
53:
914:"Price of IPv4 addresses, one of the Internet's hottest commodities, reaches all-time high"
449:, "Methods and apparatus for finding global routing hijacks", published 2017-08-31
383:
375:
1075:
298:
412:
1047:
714:"Syrian Internet Outages Correspond Exactly to National High School Test Schedule"
797:"How 1.5 Million Connected Cameras Were Hijacked to Make an Unprecedented Botnet"
371:
236:
154:
818:
549:
391:
338:
618:"Comienzan pruebas para el tráfico de Internet por el cable submarino ALBA-1"
940:
334:
408:
668:"Iraq shuts down internet to prevent students from cheating on exams"
330:
306:
215:
Madory received a bachelor's degree in computer engineering from the
101:
645:"Iraq Shut Down Its Internet to Prevent Sixth-Graders From Cheating"
219:
in 1999. He received a master's degree in computer engineering from
359:
354:
326:
394:. In the wake of publication, both Krebs and Madory's employer
230:
148:
382:. In the course of that investigation, they discovered that
325:
In 2013, Madory observed that
Internet connection speeds in
1005:"Doug Madory on the mysterious AS8003 global routing story"
370:
In 2016, Madory collaborated with cybersecurity journalist
329:
had suddenly improved. His investigation revealed that the
550:"'Curious' Cuban net cable has activated, researchers say"
842:"Hacking vendetta seen in attack on Manchester's Dyn Inc"
573:"Cuba's mystery fiber-optic Internet cable stirs to life"
1024:"The big Pentagon internet mystery now partially solved"
353:
Madory observed daily nationwide
Internet shutdowns in
795:
Franceschi-Bicchierai, Lorenzo (29 September 2016).
349:
National Internet shutdowns to prevent exam cheating
115:
107:
97:
89:
64:
28:
21:
776:. No. 10 September 2016. Krebs on Security
865:"DDoS on Dyn Impacts Twitter, Spotify, Reddit"
489:. Charlottesville, VA: University of Virginia.
366:BackConnect IP address and BGP route hijacking
333:undersea fiber cable, which had been run from
774:"Alleged vDOS Proprietors Arrested in Israel"
751:"DDoS Mitigation Firm Has History of Hijacks"
596:"Cuba Activates Undersea Internet Cable Line"
111:Analyzing Internet communications disruptions
8:
402:Global Resource Systems IP address hijacking
961:: CS1 maint: numeric names: authors list (
265:. Unsourced material may be challenged and
183:. Unsourced material may be challenged and
819:"Massive web attack hits security blogger"
18:
620:. Granma. 24 January 2013. Archived from
309:in November 2020, in much the same role.
285:Learn how and when to remove this message
203:Learn how and when to remove this message
415:which were exposed by the indictment of
477:
301:in May 2014, which in turn was sold to
954:
345:issued a confirmation two days later.
16:Expert in Internet routing disruptions
7:
263:adding citations to reliable sources
181:adding citations to reliable sources
398:suffered retaliatory DDoS attacks.
840:Schuetz, Molly (21 October 2016).
749:Krebs, Brian (20 September 2016).
691:"How Iraq turned off the internet"
502:"The man who can see the Internet"
386:firm BackConnect was engaging in "
14:
712:Koebler, Jason (12 August 2016).
594:Werman, Marco (22 January 2013).
1102:Virginia State University alumni
912:Cimpanu, Catalin (13 May 2021).
886:Timberg, Craig (24 April 2021).
863:Krebs, Brian (21 October 2016).
235:
153:
1003:Naraine, Ryan (29 April 2021).
571:Frank, Marc (22 January 2013).
485:University of Virginia (1999).
1022:Bajak, Frank (25 April 2021).
643:Waddell, Kaveh (16 May 2016).
500:Scola, Nancy (6 August 2014).
1:
689:Burgess, Matt (4 July 2016).
419:and depositions conducted by
93:Director of Internet Analysis
1092:American computer scientists
526:Rosen, Armin (24 May 2015).
738:. CircleID. 11 August 2016.
374:in an investigation of the
1118:
1056:(April 2017-November 2020)
666:Toor, Amar (17 May 2016).
1050:(November 2020 – present)
976:Kay, Grace (1 May 2021).
1097:Dartmouth College alumni
821:. BBC. 22 September 2016
447:WO patent 2017147166
434:US patent 2020389535
1068:(October 2009-May 2014)
937:"IPv4 Transfer Pricing"
321:ALBA-1 cable activation
139:Border Gateway Protocol
1009:Security Conversations
552:. BBC. 21 January 2013
460:US patent 11025553
217:University of Virginia
73:University of Virginia
1062:(May 2014-April 2017)
259:improve this section
177:improve this section
935:IPv4 Market Group.
867:. Krebs on Security
753:. Krebs on Security
33:Douglas Carl Madory
1026:. Associated Press
980:. Business Insider
530:. Business Insider
487:Student Directory
295:
294:
287:
221:Dartmouth College
213:
212:
205:
132:
131:
80:Dartmouth College
1109:
1036:
1035:
1033:
1031:
1019:
1013:
1012:
1000:
994:
993:
987:
985:
973:
967:
966:
960:
952:
950:
948:
939:. Archived from
932:
926:
925:
923:
921:
909:
903:
902:
900:
898:
883:
877:
876:
874:
872:
860:
854:
853:
851:
849:
837:
831:
830:
828:
826:
815:
809:
808:
806:
804:
792:
786:
785:
783:
781:
769:
763:
762:
760:
758:
746:
740:
739:
732:
726:
725:
723:
721:
709:
703:
702:
700:
698:
686:
680:
679:
677:
675:
663:
657:
656:
654:
652:
640:
634:
633:
631:
629:
614:
608:
607:
605:
603:
598:. PRI: The World
591:
585:
584:
582:
580:
568:
562:
561:
559:
557:
546:
540:
539:
537:
535:
523:
517:
516:
514:
512:
497:
491:
490:
482:
468:
467:
463:
455:
454:
450:
442:
441:
437:
417:Michael Sussmann
290:
283:
279:
276:
270:
239:
231:
208:
201:
197:
194:
188:
157:
149:
46:
42:
40:
19:
1117:
1116:
1112:
1111:
1110:
1108:
1107:
1106:
1072:
1071:
1044:
1039:
1029:
1027:
1021:
1020:
1016:
1002:
1001:
997:
983:
981:
975:
974:
970:
953:
946:
944:
934:
933:
929:
919:
917:
911:
910:
906:
896:
894:
892:Washington Post
885:
884:
880:
870:
868:
862:
861:
857:
847:
845:
839:
838:
834:
824:
822:
817:
816:
812:
802:
800:
794:
793:
789:
779:
777:
771:
770:
766:
756:
754:
748:
747:
743:
734:
733:
729:
719:
717:
711:
710:
706:
696:
694:
688:
687:
683:
673:
671:
665:
664:
660:
650:
648:
642:
641:
637:
627:
625:
616:
615:
611:
601:
599:
593:
592:
588:
578:
576:
570:
569:
565:
555:
553:
548:
547:
543:
533:
531:
525:
524:
520:
510:
508:
506:Washington Post
499:
498:
494:
484:
483:
479:
475:
465:
458:
452:
445:
439:
432:
429:
404:
384:DDoS mitigation
368:
351:
323:
315:
291:
280:
274:
271:
256:
240:
229:
209:
198:
192:
189:
174:
158:
147:
128:
122:Marticia Madory
85:
65:Alma mater
60:
47:
44:
38:
36:
35:
34:
24:
17:
12:
11:
5:
1115:
1113:
1105:
1104:
1099:
1094:
1089:
1084:
1074:
1073:
1070:
1069:
1063:
1057:
1051:
1043:
1042:External links
1040:
1038:
1037:
1014:
995:
968:
927:
904:
878:
855:
832:
810:
787:
772:Krebs, Brian.
764:
741:
727:
704:
681:
658:
647:. The Atlantic
635:
609:
586:
563:
541:
518:
492:
476:
474:
471:
470:
469:
456:
443:
428:
425:
403:
400:
367:
364:
350:
347:
322:
319:
314:
311:
293:
292:
243:
241:
234:
228:
225:
211:
210:
161:
159:
152:
146:
143:
130:
129:
127:
126:
123:
119:
117:
113:
112:
109:
108:Known for
105:
104:
99:
95:
94:
91:
87:
86:
84:
83:
76:
68:
66:
62:
61:
48:
32:
30:
26:
25:
22:
15:
13:
10:
9:
6:
4:
3:
2:
1114:
1103:
1100:
1098:
1095:
1093:
1090:
1088:
1087:Living people
1085:
1083:
1080:
1079:
1077:
1067:
1064:
1061:
1058:
1055:
1052:
1049:
1046:
1045:
1041:
1025:
1018:
1015:
1010:
1006:
999:
996:
992:
979:
972:
969:
964:
958:
943:on 2021-10-26
942:
938:
931:
928:
915:
908:
905:
893:
889:
882:
879:
866:
859:
856:
843:
836:
833:
820:
814:
811:
798:
791:
788:
775:
768:
765:
752:
745:
742:
737:
731:
728:
715:
708:
705:
692:
685:
682:
669:
662:
659:
646:
639:
636:
624:on 2018-03-03
623:
619:
613:
610:
597:
590:
587:
574:
567:
564:
551:
545:
542:
529:
522:
519:
507:
503:
496:
493:
488:
481:
478:
472:
461:
457:
448:
444:
435:
431:
430:
426:
424:
422:
418:
414:
410:
401:
399:
397:
393:
389:
385:
381:
377:
373:
365:
363:
361:
356:
348:
346:
344:
340:
336:
332:
328:
320:
318:
312:
310:
308:
304:
300:
289:
286:
278:
268:
264:
260:
254:
253:
249:
244:This section
242:
238:
233:
232:
226:
224:
222:
218:
207:
204:
196:
186:
182:
178:
172:
171:
167:
162:This section
160:
156:
151:
150:
144:
142:
140:
136:
125:Edward Madory
124:
121:
120:
118:
114:
110:
106:
103:
100:
96:
92:
88:
81:
77:
74:
70:
69:
67:
63:
59:
55:
51:
45:(age 47)
43:24 March 1977
31:
27:
20:
1066:Renesys blog
1028:. Retrieved
1017:
1008:
998:
989:
982:. Retrieved
971:
945:. Retrieved
941:the original
930:
918:. Retrieved
916:. The Record
907:
895:. Retrieved
891:
881:
869:. Retrieved
858:
846:. Retrieved
835:
823:. Retrieved
813:
801:. Retrieved
790:
778:. Retrieved
767:
755:. Retrieved
744:
730:
718:. Retrieved
707:
695:. Retrieved
684:
672:. Retrieved
661:
649:. Retrieved
638:
626:. Retrieved
622:the original
612:
600:. Retrieved
589:
577:. Retrieved
566:
554:. Retrieved
544:
532:. Retrieved
521:
509:. Retrieved
505:
495:
486:
480:
413:Rodney Joffe
405:
380:DDoS attacks
376:Mirai botnet
369:
352:
324:
316:
296:
281:
272:
257:Please help
245:
214:
199:
190:
175:Please help
163:
134:
133:
50:Poughkeepsie
1082:1977 births
1054:Oracle blog
1048:Kentik blog
844:. Bloomberg
670:. The Verge
372:Brian Krebs
313:Discoveries
275:August 2024
193:August 2024
135:Doug Madory
23:Doug Madory
1076:Categories
1030:26 October
984:26 October
947:26 October
920:26 October
897:26 October
871:26 October
848:26 October
825:26 October
803:26 October
780:25 October
757:25 October
720:25 October
697:25 October
674:25 October
651:25 October
628:25 October
602:25 October
579:25 October
556:25 October
534:25 October
511:25 October
473:References
392:Cloudflare
339:Telefonica
90:Occupation
39:1977-03-24
575:. Reuters
421:Alfa-Bank
388:hack back
335:Venezuela
246:does not
223:in 2006.
164:does not
145:Education
1060:Dyn blog
957:cite web
407:size of
98:Employer
54:New York
693:. Wired
427:Patents
409:Comcast
267:removed
252:sources
185:removed
170:sources
116:Parents
799:. Vice
716:. Vice
466:
453:
440:
343:Granma
331:ALBA-1
307:Kentik
303:Oracle
299:DynDNS
227:Career
102:Kentik
82:, 2006
75:, 1999
360:Syria
78:M.S.
71:B.S.
1032:2021
986:2021
963:link
949:2021
922:2021
899:2021
873:2021
850:2021
827:2021
805:2021
782:2021
759:2021
722:2021
699:2021
676:2021
653:2021
630:2021
604:2021
581:2021
558:2021
536:2021
513:2021
378:and
355:Iraq
327:Cuba
250:any
248:cite
168:any
166:cite
29:Born
396:Dyn
261:by
179:by
58:USA
1078::
1007:.
988:.
959:}}
955:{{
890:.
504:.
362:.
56:,
52:,
41:)
1034:.
1011:.
965:)
951:.
924:.
901:.
875:.
852:.
829:.
807:.
784:.
761:.
724:.
701:.
678:.
655:.
632:.
606:.
583:.
560:.
538:.
515:.
288:)
282:(
277:)
273:(
269:.
255:.
206:)
200:(
195:)
191:(
187:.
173:.
37:(
Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.