Cybercrime

Cybercrime / Recently Commented

Narcotics Traffic Is Not Part of a Healthy Domain System

A stack contrast is emerging within the DNS between providers who tolerate blatantly illegal domain use and those who do not. Our study, just published here focuses on five U.S.-based providers, their policies, and their response to reports of opioid traffic within their registry or registrar. There are many providers, not covered here, who removed hundreds of domains selling opioids and I applaud their efforts. more»

We Urgently Need a New Internet

Let's be honest about it. Nobody -- including those very clever people that were present at its birth -- had the slightest idea what impact the internet would have in only a few decades after its invention. The internet has now penetrated every single element of our society and of our economy, and if we look at how complex, varied and historically different our societies are, it is no wonder that we are running into serious problems with the current version of our internet. more»

ICANN Fails Consumers (Again)

In its bid to be free of U.S. government oversight ICANN is leaning on the global multistakeholder community as proof positive that its policy-making comes from the ground up. ICANN's recent response to three U.S. senators invokes the input of "end users from all over the world" as a way of explaining how the organization is driven. Regardless of the invocation of the end user (and it must be instinct) ICANN cannot seem to help reaching back and slapping that end user across the face. more»

Should You Pay Ransomware Demands?

Ransomware is a huge problem for small and medium businesses, and the most important question is this: should you pay the ransom? Ransomware has proven a successful revenue generator for criminals, which means the risk to businesses will grow as ransomware becomes more sophisticated and increasing numbers of ethically challenged criminals jump on the bandwagon. more»

Internet Governance Outlook 2017: Nationalistic Hierarchies vs. Multistakeholder Networks?

Two events, which made headlines in the digital world in 2016, will probably frame the Internet Governance Agenda for 2017. October 1, 2016, the US government confirmed the IANA Stewardship transition to the global multistakeholder community. November 2, 2016, the Chinese government announced the adoption of a new cybersecurity law which will enter into force on July 1, 2017. more»

Trust Isn't Easy: Drawing an Agenda from Friday's DDoS Attack and the Internet of Things

Last week, millions of infected devices directed Internet traffic to DNS service provider Dyn, resulting in a Distributed Denial of Service (DDoS) attack that took down major websites including Twitter, Amazon, Netflix, and more. In a recent blog post, security expert Bruce Schneier argued that "someone has been probing the defences of the companies that run critical pieces of the Internet". This attack seems to be part of that trend. This disruption begs the question: Can we trust the Internet? more»

New Trojan Used in High Level Financial Attacks, Multiple Banks Attacked

Since January 2016, discreet campaigns involving malware called Trojan.Odinaff have targeted a number of financial organizations worldwide, warned Symantec Security Response team on Tuesday. more»

Maintaining Security and Stability in the Internet Ecosystem

DDoS attacks, phishing scams and malware. We battle these dark forces every day - and every day they get more sophisticated. But what worries me isn't just keeping up with them, it is keeping up with the sheer volume of devices and data that these forces can enlist in an attack. That's why we as an industry need to come together and share best practices - at the ICANN community, at the IETF and elsewhere - so collectively we are ready for the future. more»

DDOS Attackers - Who and Why?

Bruce Schneier's recent blog post, "Someone is Learning How to Take Down the Internet", reported that the incidence of DDOS attacks is on the rise. And by this he means that these attacks are on the rise both in the number of attacks and the intensity of each attack. A similar observation was made in the Versign DDOS Trends report for the second quarter of 2015, reporting that DDOS attacks are becoming more sophisticated and persistent in the second quarter of 2016. more»

Cheers! Registries and Registrars Doing the Right Thing by Patients

Domain name registration is a hot industry. Registrars represent a growing multi-billion dollar industry with the keys to the Internet for any organization hoping to have a web presence. Further, because of their role as one of the gatekeepers to the Internet, registrars have the unique ability and are often asked to take action against illegal activity online. This fact was highlighted in the report released this week by the Office of the U.S. Trade Representative, the 2015 Out-of-Cycle Notorious Markets List. more»

Internet Pharmacy Safeguards, We Salute You

As I wrote in December 2015, some Internet commerce companies - including domain name registries, registrars, advertising providers, social media platforms, payment processors and shippers - are doing right by patients in taking voluntary action against illegal online drug sellers. This is no small feat as 97% of the roughly 35,000 active online drug sellers are operating illegally. more»

Protecting the Health of Internet Users: Q&A with .pharmacy

Sue Schuster from Neustar Registry Services sits down with Carmen A. Catizone, MS, RPh, DPh Executive Director of the National Association of Boards of Pharmacy (NABP) for online pharmacies and prescription-only medications to chat about the benefits this exciting new partnership and what it means for members and consumers. more»

Feds Shut Down Largest File-Sharing Site KickassTorrents - Founder Arrested, Domains Seized

"U.S. Authorities Charge Owner of Most-Visited Illegal File-Sharing Website with Copyright Infringement" – statement issued by United States Department of Justice on Thursday: "U.S. authorities have charged the alleged owner of today's most visited illegal file-sharing website with criminal copyright infringement and have seized domain names associated with the website." more»

DNS and Stolen Credit Card Numbers

FireEye announced a new piece of malware yesterday named MULTIGRAIN. This nasty piece of code steals data from Point of Sale (PoS) and transmits the stolen credit card numbers by embedding them into recursive DNS queries. While this was definitely a great catch by the FireEye team, the thing that bothers me here is how DNS is being used in these supposedly restrictive environments. more»

The Cock and the Goat: ICANN in the Age of Horrorism

Like everyone else, former ICANN board members have been preoccupied by the horrific November 13th, 2015 attacks on Paris, France, by a bunch of cold-blooded mass murderers. Our email list discussion of the Paris attacks covered a number of issues, including the inevitable question: what, if anything, should ICANN do in response? Some list subscribers concluded that the events had nothing to do with ICANN's mission, and that we should just sigh and move on. Others, on the other hand, said: not so fast, it would serve ICANN well to take a closer look at the matter, and its ramifications on wider world of ICANN.  more»