• About the Institute
  • Innovation
  • Education
  • Collaboration
  • Events
  • Blog
  • Contact
    • Events
    • Contact
    • Blog
    • NetBeacon
    • DNSAI Compass
    DNS Abuse Institute

    ABOUT US

    Discover who we are and what we do

    INNOVATION

    Learn about our innovative solutions to strengthen the DNS.

    EDUCATION

    Access our resources and discover our projects and research.

    COLLABORATION

    Learn how to join, contribute, and participate!

    Article

    • Home
    • Blog
    • Article
    • The Path to Combatting Abuse

    The Path to Combatting Abuse

    • Posted by Graeme Bunton
    • Categories Article, News
    • Date March 29, 2021

    By Graeme Bunton, Director of the DNS Abuse Institute

    Completely eradicating malware, botnets, phishing, pharming, and spam from the Domain Name System is not possible. That may be an odd statement from someone who just took the leadership position at the DNS Abuse Institute, but it’s meant to underscore the scope of the work ahead of us. There will always be bad actors exploiting the DNS for their own criminal purposes, but working together, we can mitigate their impact.

    This begins with bringing the domain name community and other interested stakeholders together to collaborate on making the DNS safer, and we took an important step in that direction with the inaugural DNS Abuse Forum co-hosted by CircleID.

    Efforts to combat DNS Abuse are not new.

    Leaders came together in 2019 to publish a framework for the industry to address issues, and Public Interest Registry regularly updates its data on DNS Abuse within the .ORG domain name and its takedown efforts. But DNS Abuse forum panelists Ashley Heineman (GoDaddy), Jeff Bedser (iThreat), John Crain (ICANN), and Chris Lewis-Evans (UK National Crime Agency) forged a path for how the industry can be more effective.

    For example, John Crain pointed out that malware and phishing tends to be campaign driven, which means the industry needs to be nimble and organized when it identifies these attacks. That requires greater collaboration.

    Ashely Heineman noted that only a fraction of the DNS Abuse reports that GoDaddy receives are unique, evidenced, and actionable. Improving the quality of abuse reporting will enable Registries and Registrars to be more efficient with their time and efforts.

    One of the challenges raised during the forum was the emergence of reusing domains for abuse. Chris Lewis-Evans pointed out how bad actors will utilize a domain, then park it to keep it under the radar, before deploying it again for phishing or spam emails. Sophisticated techniques are leading to an increase in the resale of victim data, which reinforces the need to combat bad actors.

    Lewis-Evans also pointed out that the number of domains doesn’t equate to the level of harm attributable to abuse. He called for a greater emphasis on educational materials and awareness campaigns and wider and more standardized abuse reporting.

    Jeff Bedser echoed that message, pointing out that the standardization of definitions and escalation paths as well as evidentiary standards are critical to combating abuse, especially reducing the “life cycle” of an abusive domain. He laid out a “best practice” scenario:

    • DNS abuse is reported
    • Abuse is well evidenced
    • Escalation path is followed to appropriate party for action
    • Mitigation occurs within a relatively short period of time
    • Victimization window is reduced

    To achieve this best-case scenario will require a new level of collaboration. As a next step, the Institute will hold a follow-up forum later this spring focused on the overlap of civil society and intellectual property concerns with regard to DNS abuse.

    The Institute welcomes all who want to join our effort to facilitate discussions, raise awareness, and create solutions. One way you can do that is by signing up for the DNS abuse newsletter at dnsabuseinstitute.org. Also, feel free to reach out to me directly via email: Graeme@dnsabuseinstitute.org.

    The domain community will never be able to rest when it comes to DNS Abuse.

    What we can do is work together to develop, harmonize, and propagate best practices that create a safer, more responsible Internet. The Institute is committed to serving in a central role in these efforts.

    Tag:DNS Abuse, DNS Abuse Institute

    • Share:
    author avatar
    Graeme Bunton

    Previous post

    An Institute to Combat Abuse
    March 29, 2021

    Next post

    Introducing the DNS Abuse Institute Advisory Council
    May 17, 2021

    You may also like

    dnsai newsletter image smaller
    DNSAI Newsletter March 2023
    9 March, 2023
    compass-6-months
    DNSAI Compass: Six Months of Measuring Phishing and Malware
    16 February, 2023
    bp phish reports useful
    Best Practice: Making Phishing Reports Useful
    13 December, 2022

    Search

    Categories

    • Article
    • Best Practice
    • DNSAI Compass
    • News
    • Newsletter
    • Report
    • Research
    • Resources
    logo-public-interest-registry-dns-abuse-institute

    The DNS Abuse Institute

    Providing innovative solutions and information that ensure the DNS is safe and secure worldwide.

    Institute

    • About the Institute
    • Innovation
    • Education
    • Collaboration

    Quick Links

    • Blog
    • Contact
    • Privacy Policy
    • NetBeacon
    • DNSAI Compass

    Connect With Us

    Newsletter

    Get the latest DNS Abuse Institute news delivered to your inbox.


    PIR will only use the personal data you submit via this form to contact you regarding the DNS Abuse Institute Newsletter. The information will not be used for any other purpose.

    Please be aware that if you do not consent to the use of your email for this purpose we will not be able to fulfill your request.

    Opt-In *

    * indicates required

    © 2022 Public Interest Registry. All rights reserved.