Today is Day 24 of our public appeal, which meant we would have had 47 days remaining until the May 26th deadline for Shadowserver to have finished moving out of our current data center, generously provided by Cisco for many years. This has been a particularly challenging timeline for us to achieve.
The day after we went public with our appeal, the counties making up Silicon Valley went into ‘Shelter in Place’ lockdown orders due to the rapidly worsening COVID-19 pandemic. A few days later, so did the whole of the state of California, as well as the other US states where our operations staff (and potential sponsors) are based, as did the countries where our EU projects staff are based. Whilst our US data center staff might be considered essential workers and could possibly be exempted from lockdown, the global situation has put an already difficult data center move under even more intense pressure.
After discussions with Cisco about the potential health risk to staff and to movers, we are happy to announce that their new Chief Security & Trust Officer, Brad Arkin, has kindly extended our data center move deadline from May 26th to August 31st. Shadowserver must still pick up the employment costs for our US-based operations team from May 26th, but this data center migration deadline extension comes as a great relief to everyone. We will update the countdown timer on our website to show the new extended deadline of 145 days.
The new date of August 31st also provides us with some much needed extra time to continue to raise the funds necessary to cover our 2020 operations costs.
In April we will review all of the hosting and colocation options now available to us, including following up with everyone who has already contacted us to offer assistance. If your organization could help with these new timescales, please reach out and arrange a call to discuss the potential options.
The extra time gained significantly de-risks the potential impact to our public benefit services. We aim to sign contracts by the first week of May, consolidate our current rackspace footprint, then plan and execute the move by August. We will post periodic updates as the final data center migration approach is confirmed.
Generous Early Support From The BitMEX Cryptocurrency Exchange
Craig Newmark’s very generous personal impact investment guaranteed us the initial $400,000 required to cover our up-front data center move costs, and we were soon contacted by HDR Global Trading Limited, operator of the BitMEX cryptocurrency trading platform. They generously also offered $400,000 to fund Shadowserver’s public benefit services, being delivered as $100,000 a year for four years. You can read more details about their announcement and motivation in BitMEX Co-Founder and Chief Technology Officer Samuel Reed’s blog. Once again, we are touched by the speed and level of support being made available by generous donors. We really appreciate BitMEX’s support in helping to ensure that Shadowserver can survive.
Even if you or your organization can’t currently help fund Shadowserver’s urgent 2020 financial needs, please take a moment to thank both Craig Newmark and BitMEX / Sam on Twitter. Your voices, likes and retweets on social media can really help us to take our message out to wider audiences, who may be able to help in both the short and long term.
Shadowserver’s Services Continue to Thrive!
Since our initial public announcement, we’ve had hundreds of new organizations and two new National CSIRTs sign up for our Public Benefit Daily Network Reporting (taking us to 109 National CSIRTs in 138 countries), as well as launching a new Message Queue Telemetry Transport (MQTT) IoT IPv4 Internet-wide scanning report. Despite the global COVID-19 crisis, Shadowserver continues with its public benefit mission as normal, helping organizations all over the world. If you don’t already receive them, sign up for our public benefit network reports.
Shadowserver’s work continues. For example, read Has The Sun Set On The Necurs Botnet? to see Shadowserver’s involvement in the takedown with Microsoft and Bitsight (and read WIRED magazine’s article about Necurs). Explore Open MQTT Report – Expanding the Hunt for Vulnerable IoT devices to see how the IoT community can leverage Shadowserver to find and remediate vulnerable MQTT systems. Or find out more about stopping Magecart credit card skimming, recent trends in Apple Remote Desktop (ARD) scanning and about progress with global exposed RDP services and BlueKeep vulnerability remediation.
Thank you, everyone, for your fantastic support so far, we will have more good news to follow in the coming days. In the meantime, please keep up the great community effort. If you can help, or know someone who can, please reach out on social media and help get the message out, or get in touch by email, urgently.
The Shadowserver Foundation Team
Read Next: First Fundraising Status Update
Read Next: Our Data Center Has A New Home
Read Next: Second Fundraising Status Update
Read Next: Third Fundraising Status Update