The GDI Foundation is a nonprofit whose mission is “to defend the free & open Internet by trying to make it safer. We address security issues via Responsible Disclosure”. They are headquartered in The Hague in The Netherlands and was founded by Victor Gevers and Vincent Toms in 2012, both of whom also work for the Dutch Government as cybersecurity specialists/consultants.
Victor Gevers describes himself as an “ethical hacker”, and has been one for many years. On the Internet, he is known by his online moniker, OxDUDE. He has successfully hacked countless websites over the last 17 years and detected 4,000 weaknesses in securities. He and Vincent decided to start GDI Foundation together to find weak spots and get them solved by reporting them.
Across the year of 2016, Gevers called his work Project 366 as it came about when he decided to take a 365 day vacation from his day job to dedicate his time to addressing security issues on the web. He looked for vulnerabilities, reported them to organizations at risk, monitored follow up actions and progress, and reported facts, findings and progression of actions taken.
The project ran from 1st January 2016 until 31st December 2016. Gevers describes the motivation behind Project 366 on his website as such: “The internet is plagued by criminal organizations that take advantage of the low-hanging fruit (simple security problems) than can be misused without much IT knowledge. We want to prevent any form of misuse and protect the ‘free and open’ information shared by the internet by our kids, yourself or anybody else across the world.”
The GDI Foundation continues that work in detected and analyzing high risk cyber-vulnerabilities, and shares them along with free advice about solutions. The foundation relies upon contributions in the form of donations, sponsorships and participating members.
The Foundation has found themselves in the news recently for their role in scanning for vulnerable memcached servers to prevent further massive memcached DDoS attacks. Gevers said he had been warning owners of vulnerable memcached servers of the risks of a DDoS attack for several years. “It’s sour to see [DDoS attacks] finally happen after more than two years of warnings. Sometimes you don’t want to be right,” Gevers told Bleeping Computer.
“It’s so frustrating finding the owners, warning them of the risks, and getting them to act. Because there is no risk of a data breach, people are hardly or not responding at all to our emails,” Gevers says.
“And the threat of large volume DDoS attacks is not shrinking. Now with PoC tools and ready-to-go lists in public, we will see a significant increase of Memcached amplification attacks after the coming weekend, I guess.”
The GDI Foundation is actively working with many different partners, including “ISPs, involved organizations and volunteers” to help address the issue of vulnerable Memcached servers. They are monitoring the fixes of the servers, and actively reporting on them as they happen. On March 9th, Gevers tweeted, “Reported 7,684 servers in the last 48 hours. 6,475 were fixed. Still 28,236 to go.”