How registrars tackle domain name abuse
Cybercriminals worldwide are amassing domain names to keep their botnet and phishing operations a step ahead of authorities
To obscure their tracks, the criminals register the domain names using phony information, pay with stolen credit cards and hack into legitimate domain-name accounts. Adding to the problem of domain-name abuse, some rogue registrars often look the other way as the money rolls in. (See related story, “Domain-name abuse proliferates; rogue registrars turn a blind eye”)
Today’s cosmopolitan criminals might use “a registrar in China and a Web-hosting company in Russia and a registry in Ireland,” says Ram Mohan, CTO at Dublin-based registry services provider Afilias. The target is usually “a consumer in America.”
Accredited by ICANN for the .info generic top-level domain (gTLD), Afilias helped organize the Registry Internet Safety Group to find ways to improve security.
Mohan says Afilias has seen about 250,000 domain names taken down in the past 2.5 years because they were deemed to be maliciously used. At first the registrars Afilias works with were not too happy to see domain names suspended, but many have come around to see the wisdom in taking action to stop perceived criminal activity, he says.
In the past, standard contracts between ICANN and registrars didn’t address domain-name abuse head-on. (Mohan estimates there are about 2,000 registrars and retail channels for domain names globally today.) But Afilias successfully lobbied to have the standard contracts amended so that stringent actions against domain-name abuse could be taken, he says.
Registry services provider Neustar (accredited by ICANN for the .biz gTLD) is also a big believer in tackling domain-name abuse, which, after all, hurts the bottom line. Three years ago, Neustar hired a legal team to handle domain abuse questions and set up an internal, isolated networking lab to make determinations to a “near certainty” about a domain name being used for objectionable purposes, says Jeff Neuman, vice president of law and policy at Neustar.
Under its contracts with registrars and ICANN, Neustar can proactively say to a registrar, with a full report, “you have 12 hours to take down that domain name or we will do it,” he says. ICANN has a more informal process for trying to curb domain-name abuse, but that may eventually change, Neuman believes.