Home / Industry

Is Your TLD Threat Mitigation Strategy up to Scratch?

When it comes to operating a TLD, ensuring your namespace is free of malicious activity should be a particular area of focus if you would like to maintain your reputation as a trusted destination online. Equally, this is a topic of increasing importance for ICANN who continue to drive TLDs to provide safer and safer namespaces.

There has been much discussion of the security requirements laid out in the ICANN Registry Agreement — and in particular, the security obligations outlined in Specification 11 that includes a requirement that TLD operators "periodically conduct a technical analysis to assess whether domains in the TLD are being used to perpetrate security threats", as well as maintaining "statistical reports on the number of security threats identified and the actions taken as a result of the periodic security checks...and [providing] them to ICANN upon request."

This key specification within the Registry Agreement framework aims to prevent new TLDs from being misused for abusive activity such as phishing, malware, and botnets, and to create provisions to supply reports on such activity when requested.

For many TLD operators — particularly .brand TLDs for whom the world of domain names and ICANN is foreign territory — attempting to minimise malicious activity in their namespace without outside help can be a full-time task in itself. At Neustar, we recognised this challenge among our own TLDs and developed a Registry Threat Mitigation Service (RTMS) that is already in use for the .co, .biz, .nyc and .neustar TLDs, as well as many of our client's TLDs.

Rightside Registry, backend provider to many of the world's most recognized TLDs such as .news, .rocks and .ninja is one such Registry Operator who recently signed with Neustar to use the RTMS platform. In evaluating the market for similar services, Rightside recognised the importance of choosing a robust system that minimises their operational workload and continually evolves.

Alan Woods, Compliance Manager at Rightside Registry, explained why they chose Neustar's RTMS.

"Rightside has been a leader in promoting safe namespaces and has been actively working to improve our ability to protect our TLDs from abusive behavior," said Mr. Woods. "Neustar's RTMS provides a robust platform that integrates into our day-to-day workflows."

The interpretation of Specification 11 has raised some questions, leading to ICANN's current work on a clarification document. In addition to this the Public Safety Working Group (PSWG) and representatives from registries and registrars have been working to develop a security framework for TLD operators to provide non-binding, best practice guidelines.

Some Registries have not yet made arrangements for dealing with malicious activity in their namespaces. This is an example of another operational aspect of being a Registry Operator that can consume vast amounts of time and effort and still leave you vulnerable if you try to take it on yourself. Whichever way you choose to address it, if you haven't been actively maintaining a clean and safe namespace and compiling records, now would be a good time to review your options.

Written by Corey Grant, Senior Advisor, Professional Services at Neustar.

Neustar

About Neustar – Every day, the world generates roughly 2.5 quadrillion bits of data. Neustar isolates certain elements and analyzes, simplifies and edits them to make precise and valuable decisions that drive results. Learn More

Related topics: Cyberattack, Cybersecurity, DDoS, DNS, DNS Security, Malware, Top-Level Domains

 
   

Don't miss a thing – get the Weekly Wrap delivered to your inbox.

Related Blogs

Related News

Explore Topics

Dig Deeper

Mobile Internet

Sponsored by Afilias Mobile & Web Services

IP Addressing

Sponsored by Avenue4 LLC

DNS Security

Sponsored by Afilias

Cybersecurity

Sponsored by Verisign

Promoted Posts

Buying or Selling IPv4 Addresses?

Watch this video to discover how ACCELR/8, a transformative trading platform developed by industry veterans Marc Lindsey and Janine Goodman, enables organizations to buy or sell IPv4 blocks as small as /20s. more»

Industry Updates – Sponsored Posts

Radix's .TECH, .STORE, .ONLINE and .FUN Get Approval from the Chinese Government

Join Neustar's Town Hall Meeting and Help Shape the Future Of .US

Domain Registrations Reach 331.9 Million, 6.7 Million Growth Year over Year

.brands Spotlight: Banking and Finance Industries

Google Buys Business.Site Domain for 'Google My Business'

Radix Announces Global Web Design Contest, F3.space

Global Domain Name Registrations Reach 330.6 Million, 1.3 Million Growth in First Quarter of 2017

.TECH Gets Its Big Hollywood Break

Verisign Named to the Online Trust Alliance's 2017 Audit and Honor Roll

Attacks Decrease by 23 Precent in 1st Quarter While Peak Attack Sizes Increase: DDoS Trends Report

.PRESS Supports Press Freedom Day for 3rd Consecutive Year

Leading Internet Associations Strengthen Cooperation

5 Afilias Top Level Domains Now Licensed for Sale in China

Radix Announces Largest New gTLD Sale with Casino.Online

2016 Year in Review: The Trending Keywords in .COM and .NET Domain Registrations

Global Domain Name Registrations Reach 329.3 Million, 2.3 Million Growth in Last Quarter of 2016

A Look at How the New .SPACE TLD Has Performed Over the Past 2 Years

Verisign Releases Q4 2016 DDoS Trends Report: 167% Increase in Average Peak Attack from 2015 to 2016

Neustar to be Acquired by Private Investment Group Led by Golden Gate Capital

Startup League Reports from WebSummit, Lisbon