CircleID

FBI Supervisory Special Agent Thomas X. Grasso – First Recipient of J.D. Falk Award for Establishing DNS Changer Working Group and Protecting End-UsersConvincing competitors, disparate business entities and researchers to collaborate — many donating their services and resources — to protect millions of end-users worldwide is no small feat. Yet FBI Supervisory Special Agent Thomas X. Grasso did just that by quietly working behind the scenes to create the DNS Changer Working Group that saved an inestimable number of end-users from losing access to the Web over the last two years. Recognizing his leadership, Grasso received the inaugural J.D. Falk award on Tuesday at the Messaging, Malware and Mobile Anti-Abuse Working Group 26th General Meeting in Baltimore.

"Tom embodies the kind of personal sense of responsibility and accountability that built the Internet and is vital to its future growth. First, he had the foresight to understand the problem and to realize that something could be done to prevent it. Then it took an enormous commitment of his time and energy to muster the resources and bring dissimilar entities together to accomplish an objective that turned out to be a critical issue for many end-users," said M3AAWG Co-Chairman Chris Roosenraad.

Grasso created the ad hoc committee based on the relationships and goodwill he had developed over his 12 years working with the Internet industry. He persuaded large corporations to commit time and funds to notify infected customers, and convinced anti-virus vendors, Internet Service Providers and the security research community to cooperate in the project. DCWG members include Georgia Tech, Internet Systems Consortium, Mandiant, National Cyber-Forensics and Training Alliance, Neustar, Spamhaus, Team Cymru, Trend Micro and others.

In November 2011, the FBI's Operation Ghost Click led to the arrest of six Estonians allegedly behind the distribution of the DNS Changer malware and thought to be operating the illicit Rove Digital advertising network. The malware hijacked Internet searches and re-routed Web browsers of infected computers to fraudulent sites on Rove Digital's network by altering the DNS settings the computers use to locate websites. Once the rogue servers were turned off, the malware-infected computers that had their settings redirected to them would not have been able to reach the Web.

The DNS Changer Working Group was Grasso's idea to encourage end-user remediation of the malware and to respond to the massive challenge of potentially millions of users losing access to the Web. The group helped monitor the DNS servers that were now legally operated by the Internet Systems Consortium (ISC) under a court order, and as a result, the infected users received a useful message to clean up their machines instead of suddenly dropping off the Internet.

"The FBI recognizes the invaluable assistance the private sector and academia provided through the DNS Changer Working Group," said Joseph M. Demarest, assistant director of the FBI's Cyber Division.

J.D. Falk, an active member of M3AAWG and many other industry organizations, was passionate about safeguarding the Internet, end-user security and the impact of cooperative endeavors. The award named after him recognizes individuals for specific achievements that enhance the Internet experience, protect end-users, and embody his spirit of volunteerism and community building. It is administered by M3AAWG with the support of Falk's employer Return Path Inc. and the Falk family.

Related topics: DNS, Malware, Security