The problem is that in both instances the FBI seized large amounts of hardware "in case" it was involved. Part of the rational here was that with virtualisation and in a hosted environment, the FBI needed to acquire a larger amount of hardware that otherwise would seem reasonable, in order to prevent systems being moved electronically and started on other machines.
As a result, several smaller companies were affected by all of this. Much of what happened can be found in a series of pieces on Wired magazines Threat Level blog. If you read through the actual detail of the raids, there was a lot of exaggeration at the time but a lot of impact on businesses as well.
Anyone who has used hosting sites for their email will know that it is all too easy to end up on a blacklist. The reason for this is that you are using shared IP addresses and shared email servers at the hosting company. It only takes one customer on that service to get infected or to buy into a service in order to distribute spam and the IP address gets blocked.
As the systems often use a small range of IP addresses to spread the load at peak time, all the addresses get block in one move. Not only is this disruptive for the ISP who has to move email servers and addresses and reroute email, but it can mean you are without your mail for hours or even days. Sadly, there is no easy way around this problem for ISPs or their customers.
How do you protect yourself?
With a little bit or research. Before signing to any ISP make sure that you check its history. The IP addresses it uses will be in the public domain. Take a look through the blacklists at Spamhaus or Symantec's Brightmail. These will show if the ISP you are signing to has a problem or if it seems to be carefully managed.
Over the last few years there have been a lot of calls for the establishment of a reputation based service that would make it easier to see how risky a company was. The problem here is that in the hosted space, anyone can sign up for space and then, over a period send out spam and other malware. It takes time for that to be detected by the hosting provider and they have to be able to legally prove a breach of terms and conditions before terminating a user.
It can be difficult for ISPs to identify a bot herder and this is where the work done by security vendors such as Symantec to locate and identify the source of command and control systems comes in. However, there will still be delays between the research and the ISP being able to block a site. During that time, however, if you are sharing an IP address, you can be impacted by the behaviour of others. Once again, researching the history of the ISP you are at least doing something to mitigate potential problems.
As part of any plans to make better use of the web, sit down and decide exactly what it is you need the web for. Is it just a website presence? Do you need someone to host your email to make it easier for staff to access? Are you looking to put applications into the web? Maybe it is Software as a Service (SaaS) with applications such CRM or hosted desktops using Desktop as a Service (Daas) that appeal to you.
Many of the options above are more than simple hosting via an ISP. They will have Service Level Agreements (SLAs) and processes that will ensure your data is safe. Many of them will have alternative sites so that a system failure will not leave your company without access to services that it will inevitably become dependent upon.
Even here, where it appears that they are much more customer focused, there are issues. How long have they been in business? How well are they funded? What are their data protection policies? How many customers are they able to give you access to in order to gauge their level of service and reliability?
There is increasing pressure on businesses to move to the web either through the use of hosted solutions or by managing their own presence. Before you do anything, take careful note of what has happened with Pricewert and the other US datacentres above. Otherwise you risk making yourself a casualty of someone else's making.
