There is no rest for the wicked. If you think that 2018 was the climax of cybercrime, wait until you see what happens in the next few years as cybercriminals are constantly learning new ways to strike. Take for instance domain-related attacks now coming in a variety of forms. There's domain hijacking which involves gaining of access to domains and making changes without owners' permission. You have typosquatting where phishing is often utilized to steal valuable information. more
Who would think that so much could go wrong with something as seemingly innocent as a domain name? As cybercrime continues to evolve, causing devastating reputational and financial losses to businesses and organizations, web addresses are used as a weapon -- and it's not always easy to notice their many faces. In this article, let's take a look at the domain name crime landscape, discuss the current challenges investigators and legitimate registrants face, and talk about some useful techniques. more
David Redl has written to ICANN in relation to the ongoing work around whois and GDPR. The letter, which was shared with the GNSO Council last night, is a mixed bag. On the one hand, it offers the carrot in relation to what's been done so far, but then there's the not so veiled threat, which isn't a revelation by any means, of "domestic legislation." more
The ICANN 64 meeting in Kobe concluded two weeks ago, and we are no closer to accessing WHOIS data critical for law enforcement, cybersecurity threat investigators, intellectual property owners, or other consumer protection advocates who rely on the data to act quickly against online abuse in the domain name system. Instead of a balanced approach to WHOIS that serves the public interest, the ICANN Board is set to approve a new global policy that fails to even fully acknowledge critical... more
The ICANN community recently gathered in Kobe, Japan for its first meeting of the year and it was certainly a busy week for attendees. Much of the meeting centered around the work of the Expedited Policy Development Process (EPDP) to address gTLD registration data. As a member of the EPDP team, we had been hard at work since being formed in August of 2018. Just prior to the Kobe meeting, we published the phase 1 Final Report. more
Want to be a cybersleuth and track down hackers? It may sound ambitious considering that malevolent entities are extremely clever, and tracing them requires certain skills that may not be easy to build for the typical computer user. But then again, the best defense is offense. And learning the basics of sniffing out cybercriminals may not only be necessary nowadays, it has become essential for survival on the Web. So where can you begin? more
Opposing parties continue to debate whether WHOIS should stay after the General Data Protection Regulation (GDPR) took effect across the EU in May 2018. While the Internet Corporation for Assigned Names and Numbers (ICANN), which oversees WHOIS, is looking for ways to be GDPR compliant, experts from various fields are contemplating the problems pointed out by officials. more
The new year has only just begun, but the work of ICANN's Expedited Policy Development Process for gTLD Registration Data (EPDP for short) is already in full swing. The team just wrapped up several days of meetings in Toronto and I thought it would be a good time for an update on where we are in the process. Before I go any further, I would be remiss if I didn't again take the opportunity to thank the ICANN team supporting our efforts. more
It is once again time for our annual review of posts that received the most attention on CircleID during the past year. Congratulations to all the 2018 participants for sharing their thoughts and making a difference in the industry. more
Well, it's that time of year again. The time of year when I look back at all of the biggest domain news stories from the last twelve months, and also reflect on my predictions from last year. As expected, GDPR has had a major impact on the ability to access domain ownership information. And we did indeed see a number of M&A transactions over this last year. However, there wasn't a lot of new .Brand activity. This is one prediction where I may have missed the mark... more
Accessing Whois information and acting on a litigious domain name is becoming a nightmare for law enforcement agencies. Law enforcement agencies must have an access to the information provided by registrants in the Whois database and, in specific cases, have authority to act FAST on a domain name. The EU has a solution for this and it's coming in 2020. more
M3AAWG, the Messaging, Malware, and Mobile, Anti-Abuse Working Group and APWG, the Anti-Phishing Working Group, surveyed their members about recent WHOIS changes. With over 300 results from security researchers, it's the broadest report yet on WHOIS use. The survey results confirm our concerns that WHOIS was a vital resource for security research, and its loss is a serious and ongoing problem. more
In order for the Internet to function properly, there has to be "trust". Trust in "online" is something that has ebbed and flowed over the years, but over the past two decades more and more of our daily lives are linked closely to "digital". Our banks encourage us to use online banking and their mobile apps. Government agencies share (and collect) information from private citizens and businesses online. And of course we all do more and more of our shopping online... more
The application of the European General Data Protection Regulation (GDPR) to the DNS is a hot topic within the ICANN community. However, since the implementation of the GDPR on May 25th, 2018, there has been little public data on: how many WHOIS data requests have been made at the registry level, and; how the registries are handling them. To further the factual and evidence-based discussion within the ICANN community, we gathered quantitative data about WHOIS access post-GDPR... more
Three months after implementation of the European Union's (EU) General Data Protection Regulation (GDPR), the World Intellectual Property Organization's (WIPO) Arbitration and Mediation Center has expanded and updated its already helpful web page with important questions and answers about how the GDPR is impacting the Uniform Domain Name Dispute Resolution Policy (UDRP). more
A World-Renowned Source for Internet Developments. Serving Since 2002.
