EZECOM

EZECOM operates as an internet service provider based in Cambodia, offering connectivity solutions and specialized services including distributed denial-of-service (DDoS) mitigation. The company serves domestic markets, positioning itself as a critical infrastructure player within Cambodia's telecommunications sector. Its role extends beyond basic internet provision, with public documentation highlighting its capacity to defend against cyber threats targeting network availability—a service particularly relevant given the escalating frequency of DDoS incidents globally.

The organization gained notable attention during a November 2018 cybersecurity incident when multiple Cambodian ISPs, including EZECOM, sustained severe disruptions from large-scale DDoS attacks. These attacks reached peaks of approximately 150Gbps, ranking among the most substantial such events recorded in Cambodia at the time. EZECOM’s networks experienced prolonged downtime, with some outages persisting up to twelve hours, followed by sustained connectivity degradation throughout the subsequent week. The incident underscored operational vulnerabilities despite EZECOM’s advertised expertise in DDoS mitigation, as the company ultimately required external technical assistance to fully restore services. This reliance drew criticism from industry observers, who questioned the effectiveness of its proprietary mitigation capabilities during extreme traffic volumes.

No definitive attribution or motive was established for the attacks, with investigators noting the absence of ransom demands or concurrent geopolitical events that typically accompany hacktivist campaigns. Unverified speculation suggested the possibility of inter-provider sabotage within Cambodia’s competitive telecommunications landscape, though no evidence substantiated this theory. The event highlighted EZECOM’s dual role as both a victim and a security service provider, revealing challenges in maintaining service resilience against high-magnitude threats. The company’s public acknowledgment of the incident contrasted with its commercial positioning as a mitigation specialist, illustrating the broader industry difficulty of scaling defenses against increasingly sophisticated attack methodologies.