Home / Blogs

The World of Internet Threats Is Constantly Changing

Don't miss a thing – sign up for CircleID Weekly Wrap newsletter delivered to your inbox once a week.
Don Blumenthal

The world of Internet threats has changed continually over the years. From the time that a "worm" first showed up in the wild, or whenever someone penetrated a system without authorization for the first time, various forms of attacks and malware have presented dangers to the system and those who use it.

Different vectors have received varied focus over the years. Distributed Denial of Service (DDoS) attacks and botnets have received significant headlines recently. Many parts of the Internet community have been involved in addressing relevant issues and fostering efforts to combat them. Public Interest Registry has made it a priority to be part of those efforts. We have been active generally among the anti-abuse community, attending programs such as at the National Cyber Forensics and Training Alliance in Pittsburgh, PA, and the Organization of American States in Washington, DC. We also sponsored and participated in a DDoS forum, Mitigating DDoS Attacks, A Global Challenge, in New York last December, as well as anti-botnet workshops conducted by the Online Trust Alliance.

Most recently, we have worked to foster conversations through organizing panels at Anti-Phishing Working Group meetings in San Juan, Puerto Rico, and Buenos Aires, Argentina. These panels brought experts together from around the world so that they could share their experience and expertise. The Buenos Aires program, for example, included representatives of the .co and .cl registries, cert.br, a malware researcher from Brazil, a representative of the Argentinian ISP association, and an expert in European anti-malware efforts. A member of the Buenos Aires Metropolitan Police cyber unit also contributed from the floor. In addition, I shared some of what I have learned during my time with Internet law enforcement,the Federal Trade Commission, and subsequent work.

These initiatives did not produce epiphanies on solving botnet issues, and it appears that the problem is not going to be solved through panels, meetings or studies. However, the problem can be addressed through what happens at these events in order to help the work progress forward. Some concepts have been clear through our involvement:

  1. Any activities must be a continuing effort. Botnet and DDoS attack vectors continue to evolve.
  2. Education is essential — whether it be to policy makers, law enforcement, or members of the private sector. Misinformation from speakers, particularly in the policy arena that is so essential to advancing programs and providing resources, is all too frequent at conferences. The problem was apparent at a recent program at which an official overstated the costs of getting a botnet into operation by a factor of 100. It's less difficult than he understood, which could affect resource allocation recommendations that he might make.
  3. Neither the private nor public anti-abuse sector alone holds the solution. They have varying areas of expertise, resources, and authority. Conferences, panels, and other efforts have proven the value of consulting and even working together. They provide knowledge also in addition to key contacts, familiarity, and the trust that is essential to fostering cooperation, especially on efforts that may be sensitive.
  4. No one government or nation's private community holds the solution. The Internet and threats to it obviously cross borders. It perhaps is easier for the private sector to work cross-border than for law enforcement, but more opportunities must be available that foster the cooperation. This work is important, no onlyfor addressing existing threats where they are long established, but also for information sharing in areas that may be relatively new to organized abuse activities. For example, the United States and Europe are common first thoughts when addressing malware. However, a recent Trend Micro study showed a growing threat level in Latin America.
  5. All sectors of the Internet infrastructure, registries, registrars, ISPs, etc., have parts to play, some of which may or may not fit together. Their ability to attack the problems vary because of such considerations as laws, contracts, and levels of direct contact with corporate or individual victims, but there always is a benefit to knowing about both overlapping and parallel efforts.
  6. Sometimes groups, constituencies, or entities have anti-botnet or other anti-malware efforts that need to be kept insular for various reasons such as pending private lawsuits. These efforts should not be positioned or carried out in a way that threatens the good work of others. Prior communication is essential in order to ensure that a large-scale initiative does not interfere with or destroy other ongoing efforts.

These points are lessons from our observations, and should not be considered a comprehensive list. No list could be, truly because of the changing nature and increasing sophistication of threats to the Internet. For this reason, Public Interest Registry will continue to work with the Internet community to do our part in combatting botnets, DDoS attacks, and other critical threats to the Internet as they evolve.

By Don Blumenthal, Senior Policy Advisor at PIR

Related topics: Cyberattack, DDoS, Registry Services, Malware, Security, Top-Level Domains

 
   

Comments

To post comments, please login or create an account.

Related Blogs

Related News

Explore Topics

Sponsored Topics

Promoted Posts

Now Is the Time for .eco

.eco launches globally at 16:00 UTC on April 25, 2017, when domains will be available on a first-come, first-serve basis. .eco is for businesses, non-profits and people committed to positive change for the planet. See list of registrars offering .eco more»

Boston Ivy Gets Competitive With Its TLDs, Offers Registrars New Wholesale Pricing

With a mission to make its top-level domains available to the broadest market possible, Boston Ivy has permanently reduced its registration, renewal and transfer prices for .Broker, .Forex, .Markets and .Trading. more»

Industry Updates – Sponsored Posts

Leading Internet Associations Strengthen Cooperation

5 Afilias Top Level Domains Now Licensed for Sale in China

Radix Announces Largest New gTLD Sale with Casino.Online

2016 Year in Review: The Trending Keywords in .COM and .NET Domain Registrations

Global Domain Name Registrations Reach 329.3 Million, 2.3 Million Growth in Last Quarter of 2016

A Look at How the New .SPACE TLD Has Performed Over the Past 2 Years

Verisign Releases Q4 2016 DDoS Trends Report: 167% Increase in Average Peak Attack from 2015 to 2016

Neustar to be Acquired by Private Investment Group Led by Golden Gate Capital

Startup League Reports from WebSummit, Lisbon

Verisign Q3 2016 DDoS Trends Report: User Datagram Protocol (UDP) Flood Attacks Continue to Dominate

2016 U.S. Election: An Internet Forecast

.SPACE Becomes the Choice of the First Ever Space Nation Asgardia

Government Guidance for Email Authentication Has Arrived in USA and UK

ValiMail Raises $12M for Its Email Authentication Service

MarkMonitor Supports Brand Holders' Efforts Regarding .Feedback Registry

Don't Gamble With Your DNS

Why .com is the Venture Capital Community's Power Player

Defending Against Layer 7 DDoS Attacks

Understanding the Risks of the Dark Web

The .cancerresearch TLD: Search for Cure Drives Digital Innovation