The National Security Agency, the Cybersecurity and Infrastructure Security Agency and several international partners have issued a new Cybersecurity Information Sheet addressing risks linked to bulletproof hosting, or BPH, providers.
The guidance, titled Bulletproof Defense: Mitigating Risks From Bulletproof Hosting Providers, was published to provide recommended practices for internet service providers, also known as ISPs, and network defenders seeking to reduce cybercriminal activity.
Experts from the public and private sectors will discuss the increasing threats to American systems from global adversaries and near-peer nations at the Potomac Officers Club’s 2026 Cyber Summit on May 21. Build new partnerships during networking sessions and learn directly from industry leaders and government officials through insightful keynote speeches and panel discussions at the in-person GovCon conference. Get your tickets here.
Table of Contents
What Is Bulletproof Hosting?
According to the information sheet, BPH providers lease their own or stolen infrastructure to cybercriminals. BPH is marketed as “bulletproof” because providers do not cooperate with law enforcement or victim complaints of malicious activity.
The agencies noted that BPH is integrated into legitimate internet infrastructure, making it challenging to block.
What Does the New Guidance Recommend?
Authoring agencies are encouraging ISPs and network defenders to review and implement the recommended measures on the Cybersecurity Information Sheet to block harmful traffic and reduce the operational value of bulletproof hosting.
They recommend maintaining an up-to-date list of high-confidence malicious internet resources drawn from commercial and open source threat intelligence and information sharing channels. Network defenders are also encouraged to analyze traffic patterns to identify anomalies and share threat intelligence with community partners.
ISPs can further reduce risk by offering optional malicious internet resource filters and working with other providers to establish a sector-wide code of conduct to prevent BPH abuse.
Related Articles
The Cybersecurity and Infrastructure Security Agency has released three new guides to help critical infrastructure owners and operators address risks from unmanned aircraft systems. Discover how government and industry cyber experts address emerging threats at the Potomac Officers Club’s 2026 Cyber Summit on May 21. Book your seat now! What Are CISA’s New UAS Security Guides? CISA said Wednesday the latest additions to the agency’s Be Air Aware campaign are titled Unmanned Aircraft System Detection Technology Guidance for Critical Infrastructure, Suspicious Unmanned Aircraft System Activity Guidance for Critical Infrastructure Owners and Operators, and Safe Handling Considerations for Downed Unmanned Aircraft Systems. The new resources, developed with the help
Breaking Defense reported Tuesday that Lt. Gen. Dale White has been nominated to serve as direct reporting portfolio manager, or DRPM, for critical major weapons systems, a new role that centralizes oversight of several of the U.S. Air Force’s highest-stakes programs. According to a congressional notice, White was also nominated for promotion to the rank of general. The Senate received his nomination from President Trump on Tuesday. If confirmed, White will report directly to Deputy Defense Secretary Steven Feinberg and supervise the B-21 family of systems, VC-25B presidential airlift, F-47 family of systems, the LGM-35A Sentinel and Minuteman III intercontinental
The General Services Administration and Perplexity have signed an agreement to make the latter’s enterprise-grade artificial intelligence research and drafting platform available to federal agencies. Don’t miss the Potomac Officers Club’s 2026 Artificial Intelligence Summit on March 19! Register today to discover innovative AI applications and join the conversation driving the future of AI in government. GSA said Wednesday the OneGov agreement allows agencies to acquire Perplexity Enterprise Pro for Government at a discounted price. “Access to cutting-edge AI models is essential for integrating AI into federal government operations and modernizing inefficient processes, aligning with the White House’s AI Action