|1||(4)||AS 22093 CCF-NETWORK||US|
|2||(-)||AS 27609 USC-UNIVERSITY-HOSPITAL||US|
|3||(1)||AS 25611 NSLIJHS||US|
|4||(-)||AS 19335 APRIA-HEALTHCARE||US|
|5||(2)||AS 9208 WIN||BE|
|6||(7)||AS 122 U-PGH-NET-AS||US|
Yet AS 22093 CCF-NETWORK dropped like a rock on 7 May 2012, going to zero the next day, and staying there. So Cleveland Clinic also was most improved for May 2012 medical organizations. Congratulations, Cleveland Clinic!
This feat of IT security cleanliness shouldn't have been hard for CCF, since AS 22093 CCF-NETWORK seems to have had a Lethic problem, which CBL saw on no more than 3 hosts. Sure, there could have been more hosts infected than that, and CBL just might not have seen them all. But 3 is far smaller than what CBL sees for a typical botnet infection, so the number of infected hosts probably was quite small. Which means it should have been easy for CCF to find them all and fix them.
Hm, maybe being #4 last month gave CCF some incentive?