Man
Professional
- Messages
- 3,085
- Reaction score
- 623
- Points
- 113
Ecatel data center in North Holland
This is the story of Ecatel secure hosting with a data center in the town of Wormer (13 km northwest of Amsterdam). The hoster specializes in confidentiality, which means it does not check the reliability of its clients, does not respond to requests from American copyright holders under the DMCA law, and does not cooperate with law enforcement. It is called the "cesspool" of the Internet. Ecatel has been under investigation for many years in connection with DDoS attacks, the distribution of malware, spam, and child pornography (CP). But the Dutch authorities have been unable to do anything, because according to Dutch law, the hoster is considered simply a provider of technical services (for example, an electricity provider), and therefore is not obliged to check its clients.
Ecatel has repeatedly been included in the top worst hosting providers in the world according to Host Exploit. But no one can prove any direct cooperation with criminals.
Now the Dutch publication NRC is asking the question: how is it possible that the hosting provider has been operating since 2002 without any particular problems?
Over the past almost two decades, only the list of agencies that have taken an interest in the company's activities has changed - the police, the Financial Intelligence Unit (FIOD), the Ministry of Justice and Europol. The list has only grown. Ecatel is owned by two businessmen from The Hague who drive to Wormer once a week: "Bap K., a 75-year-old man in tinted glasses, and his 34-year-old business partner Reinier van E., a large, bald, muscular man in a tracksuit (in 2002, this 16-year-old teenager was invited to the business to solve technical issues). "The businessmen often take two dogs to work with them, which bark at passers-by from the front garden of the data center," writes NRC.
When Rainier came of age, the businessmen founded a British limited liability company, Ecatel, as well as a number of shell hosting companies: Novogara, DataZone, Reba Communications, FiberXpress, B&R Holding, iQarus, Incrediserve, Linkup, etc. Some companies conduct exactly the same activities from the same address, but under different names. Others offer to sublet servers, as if they rented them from Ecatel. The "dirty hoster" network also includes companies like Quasi Networks and IP Volume with anonymous directors in the Seychelles. If a client is blocked by one hoster, he goes to the subtenant.
The partners opened their data center in the province of North Holland in 2011.
Ecatel data center
Since the beginning of the business, hosting companies have been subject to a steady stream of complaints about hosting criminal content.
Reynier and Bap ignore the complaints. Moreover, they treat even their clients quite rudely. For example, one of the clients said that he once came to pick up his servers, and Reynier demanded that he first pay off the debt - and then chased him with an axe. The client did not report the incident to the police because he himself "hit" Reynier with his car.
Ecatel's business model has not changed over the years: we know nothing, we do not answer for anything, we hinder any cooperation with law enforcement agencies.
And it works, because under Dutch law, a hosting company cannot be held liable for the actions of those who rent its servers. The hosting company is not obliged to know the contents of each server.
Ecatel data center
When Ecatel receives an official request from the US to remove copyrighted material under the DMCA, it is simply thrown into the trash, witnesses say. Subtenants even advertise this “service” of completely ignoring the DMCA. Spammers have no problems either.
For all claims from copyright holders and other victims, Ecatel requires a written complaint and send it officially, delaying the procedure as much as possible and communicating with copyright holders “in a cheerful tone”, writes NRC.
For example, a large botnet operated through Ecatel for a long time, illegally broadcast English Premier League football matches and committed other crimes. Dutch police regularly visit the data center in Wormer to copy data from the servers, but Bap and Reynier usually ignore them. They feel invulnerable: they invite the police for a cup of coffee and offer a guided tour of the data center. During an inspection of the diesel generator, Reynier told the police with a smile that he had programmed it himself and had bribed an electrician with several hundred euros to install a seal.
Ecatel data centre
There are other cases where visits go less smoothly and police threaten to break down doors, but it remains a cat-and-mouse game with little consequence. According to sources, prosecutors are not interested in a serious criminal investigation that would prove malicious intent in the actions of Bapa and Reinier.
Things have changed slightly since 2017, when Ferd Grapperhaus of the conservative CDA party took over as justice minister. He was reportedly shocked by the Netherlands’ leading position in the world rankings of child pornography. The ministry has initiated a number of measures, including the launch of a technical system for detecting child pornography (CP), a hash-checking server that hosting companies can connect to. Images discovered in criminal cases in the Netherlands and elsewhere are entered into the system and must be deleted immediately.
On September 22, 2020, the financial intelligence service carried out a real raid on the Ecatel data center: two dozen cars came here, the owners were detained on charges of tax evasion. 70,000 euros in cash and dozens of bitcoins were confiscated, as well as five cars and two stun guns.
Some commentators believe that the raid by the fiscal police looks like an act of desperation, like accusing Al Capone of tax evasion when no other crimes could be proven.
Thus, the "bulletproof" Dutch hoster continues to operate. The NRC publication draws attention to the inaction of the Internet community, which does not agree to depeer with Ecatel. For example, a representative of the Amsterdam exchange said: "We are just a data channel, we have nothing to do with the content. We cannot study which of the traffic exchange participants provides hosting".
Some opponents advocate for hosters to adopt bank-like KYC rules to collect information about each customer before providing services to them.
Encryption for hosting
Perhaps some of the above problems can be solved by encrypting data on the hosting. For example, since 2020, the Linux Foundation has been promoting secure computing standards in an isolated Trusted Execution Environment (TEE) among hardware manufacturers, hosters, and cloud providers, see the technical analysis Confidential Computing v1.1.
The TEE standard combines homomorphic encryption and TPM, preventing unauthorized parties from accessing information on the server. With this encryption, the hosting provider does not see what files are stored on it at all.
Source
