CAUCE board member Dave Piscitello talked with host Gary Berman about ransomware on the Unsung Cyber Hero podcast. He shared stories about what has happened, and what you can do about it.
Watch him here: Podcast episode
Posted at 16:56 in Technology, Warnings | Permalink
BOSTON, MA - Today, Interisle Consulting Group, a leading organization on the frontlines of cybersecurity issues, released a new report, Domain Name Registration Data at the Crossroads: The State of Data Protection, Compliance, and Contactability at ICANN. This study reveals widespread problems with access to and the reliability of domain name registration data systems (WHOIS). These failures have real-life security implications, which are being seen in the current wave of cybercrime accompanying the COVID-19 pandemic.
Across the Internet, everyone from individual consumers to advocacy groups to law enforcement agencies uses domain registration information for vital purposes, including security scanning, problem-solving, and providing legal and social accountability. “The COVID-19 pandemic has led to a recent explosion of cybercrime, with thousands of new domain names using terms like ‘covid’ or ‘corona’ being used to perpetrate spam, phishing, malware campaigns and to peddle fake products,” said Dave Piscitello, partner at Interisle Consulting Group and editor of the report. “Investigators need quick, unencumbered access to domain registration data to disrupt COVID-themed attacks before they cause losses and harm. The problems our study exposes have made that all but impossible.”
The report was designed to measure the effectiveness and impact of the registration data policies of ICANN (Internet Corporation for Assigned Names and Numbers). Over the course of five months, Interisle analyzed the practices of 23 domain registrars, and how the registrars performed against five key standards. The report details how the registrars failed to meet contractual obligations and contactability goals in 40% of the cases studied, with problems in an additional 16% of cases.
“Domain registration data is supposed to be available in guaranteed, reliable ways. Unfortunately, we documented widespread failures, both technical and legal,” said Greg Aaron, the author of the study. “These problems make it hard to distinguish bad Internet actors from good, severely impacting public security. And they make it harder to communicate and solve a range of other problems, eroding trust on the Internet.”
Other findings show that access to critical registration data has been significantly curtailed over the past two years, and that there are ICANN compliance problems. The report also recommends actions that can be taken to ensure a healthy Internet and naming system. The full report can be found at: http://interisle.net/domainregistrationdata.html
ABOUT INTERISLE CONSULTING GROUP
Interisle Consulting Group is comprised of experienced practitioners with extensive track records in industry and academia and world class expertise in business and technology strategy, Internet technologies and governance, financial industry applications, and software design. Interisle is focused on resilient systems, networks, and organizations, and the research it conducts for clients frequently leads to insights with lasting significance. More information is available at www.interisle.net.
Posted at 13:20 in Press Releases, Technology, World | Permalink
Tags: Coronavirus, COVID-19, cybercrime, Fraud, registrations
In this report, we study "bulk registration misuse" by criminal actors. Bulk registration refers to the practice of rapidly acquiring domain names, using them in an attack, and abandoning them as if they were throw-away ("burner") phones. These domains are a critical resource for cyber criminals.
We use reputation block list (RBL) data to reveal how the use of bulk registrations, coupled with the crippling of registration data access by the ICANN Temp Spec for Whois, presents cybercrime investigators with the dual impediments of harder-to-pursue criminal activity and harder-to-obtain information about the criminals. From our analyses of sample RBL data for five Top-level Domains we:
Posted at 17:55 in Technology | Permalink
http://www.circleid.com/posts/20180905_gdpr_didnt_affect_spam_not_so_fast/
Posted at 14:25 | Permalink
It is with a heavy heart that we note the passing of dear friend, colleague and member of the CAUCE board of directors, Don Blumenthal, on September 28, 2019, in Ann Arbor, Michigan. He was 67.
Don was an anti-spammer for as long as there was an anti-spam community: he helped design, deploy and maintain the famous ‘Spam Fridge’, the repository of junk email maintained by the Federal Trade Commission (FTC). He contributed the wisdom he gleaned from that experience to the design process of Canada’s Spam Freezer.
Don Blumenthal later worked at the Public Interest Registry (PIR.org) maintaining anti-abuse work for the .ORG TLD.
Don was a welcome, active participant in the Anti-Phishing Working Group (APWG.org), at the meetings held by the Messaging Anti-Abuse Working Group (M3AAWG.org), the Internet Corporation for Assigned Names and Numbers (icann.org) and, of course, he was a long-time board member of the Coalition Against Unsolicited Commercial Email (CAUCE.org).
His interests also lay outside the realm of anti-abuse work: Don was a football scout for the Oakland Raiders.
Don Blumenthal worked tirelessly to make the Internet a better place, had a considerable degree of success doing so, and he will be sorely missed by us all. Simply put, he was a tremendously nice guy.
Rest in peace, Don.
Posted at 21:48 in History, Legal, News, United States, World | Permalink | Comments (2)
Cybercrime & Doing Time // Gary Warner :
Operation: ReWired
On September 10, 2019, the Department of Justice announced that 281 arrests related to Business Email Compromise had been made, with 74 of those arrested being in the United States. It will take some time to track down the names of all of those arrested, as many of the arrests were overseas. Twenty-three US Attorneys Offices participated in the Operation, although only five sets of arrests were discussed in the Department of Justice Press Release about Operation ReWired. While we work to obtain the rest of the information, we'll go ahead and share some details from those already made public in the Press Release.
Posted at 07:13 | Permalink
At the Certified Senders Alliance summit in Cologne, Germany, CAUCE president John Levine talked about international email and its security.
John explained that EAI (Email Address Internationalization) is being used by literate computer users who cannot read English characters. He gave India as an example: in the state of Rajasthan, the Indian government is currently handing out email addresses in Hindi.
In the past, email addresses were all ASCII, but now they can be in UTF-8 encoded Unicode. A complication with Unicode is that there can be several ways to create a Unicode character (e.g. an accented a can either be encoded as a character in its own right, or as an a followed by an accent). For human readers, this makes no difference to understanding the character, but for computers it can be difficult.
Some mail systems accept EAI mail, but many still don't. As a result, EAI senders need to be prepared for their email to fail if they are sending to ASCII recipients.
EAI is on the way. It is going to be popular, particularly in countries like Thailand and India, where there is a literate population that does not read or write English. And finally, it is not difficult, but it is important to get ready.
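An added example (not from the talk or from CAUCE) of the two points above: two spellings of the same accented address differ byte for byte until they are normalized, which matters for allow lists, block lists and account lookups, and an address with a non-ASCII local part can only go to a server that advertises the `SMTPUTF8` extension (RFC 6531). The addresses and EHLO keyword lists are constructed sample data, and the function names are hypothetical.

```python
import unicodedata

# Constructed sample data: the same mailbox typed two ways.
PRECOMPOSED = "\u00e1lvaro@example.com"   # a-acute as a single code point
DECOMPOSED = "a\u0301lvaro@example.com"   # 'a' followed by a combining acute

def split_address(addr):
    local, sep, domain = addr.rpartition("@")
    if not sep or not local or not domain:
        raise ValueError(f"not an address: {addr!r}")
    return local, domain

def canonical(addr):
    """NFC-normalize the address and lower-case the domain so that
    precomposed and decomposed spellings compare equal."""
    local, domain = split_address(unicodedata.normalize("NFC", addr))
    return f"{local}@{domain.lower()}"

def wire_form(addr):
    """Return (address, needs_smtputf8). A non-ASCII domain can travel as
    ASCII A-labels; a non-ASCII local part has no ASCII fallback."""
    local, domain = split_address(canonical(addr))
    try:
        # Python's built-in codec implements IDNA 2003.
        domain = domain.encode("idna").decode("ascii")
    except UnicodeError:
        pass  # keep the Unicode form; the address then needs SMTPUTF8
    full = f"{local}@{domain}"
    return full, not full.isascii()

def can_send(addr, ehlo_extensions):
    """True if a server advertising these EHLO keywords can accept addr."""
    _, needs_utf8 = wire_form(addr)
    advertised = {ext.upper() for ext in ehlo_extensions}
    return not needs_utf8 or "SMTPUTF8" in advertised

if __name__ == "__main__":
    print(PRECOMPOSED == DECOMPOSED)                        # raw comparison
    print(canonical(PRECOMPOSED) == canonical(DECOMPOSED))  # after NFC
    print(wire_form("info@B\u00fccher.example"))
    print(can_send(DECOMPOSED, ["PIPELINING", "8BITMIME"]))
```
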
Posted at 17:58 in Technology, World | Permalink
Tags: Certified Senders Alliance, international email
Spam infrastructures have evolved to become formidable means of delivery of a diverse and growing set of cyber attacks, from financial fraud and business compromise to political influence and malware campaigns. Central to these attacks is an ever increasing dependency on and exploitation of domain names and the domain name system (DNS).
We welcome Dave Piscitello, formerly VP of Security at the Internet Corporation for Assigned Names and Numbers (ICANN), to the CAUCE Board. Since 2005, Dave has been practicing at the nexus of domain abuse and mitigation. He has been instrumental in bringing operational security, law enforcement, and Internet Identifier communities together to confront abuses of the Internet name space. Dave has sought to raise cross-community awareness of abuses and misuses of domain names and the DNS by studying and calling attention to policy vacuums and weaknesses, by promoting abuse reporting systems that can help governance bodies and lawmakers make informed decisions, and by delivering DNS investigations training programs for law enforcement.
With the rapid evolution of spam and threats to consumers, CAUCE has recruited two industry veterans to round out our board and continue being the consumer voice to Law Enforcement and Regulatory communities around the world.
We would like to welcome Allison Nixon, Director of Security Research at Flashpoint and Tom Grasso, Supervisory Special Agent at the FBI to the CAUCE board.
Allison is a threat researcher, verifier of leaks, and hunter of humans. She has been a background source for numerous investigations and articles that focus on the post-breach issue of "who dunnit?". She performs original threat research and is at the forefront of answering questions that people have not yet thought to ask. In 2013, she spoke at Blackhat about bypassing DDOS protection. In 2014, she released a paper detailing methods for vetting leaked data. She has been looking into the issue of "booters" and DDOS services. She researches DDOS attribution, cybercrime attribution, and criminal communities. In her spare time she grows tomatoes and makes puns.
Tom has been an FBI Agent since 1998 and has worked for the FBI’s Regional Computer Crime Squad in Chicago and the High Technology Crimes Task Force in Pittsburgh. He has also served as the FBI Liaison to the CERT/CC at Carnegie Mellon University. Mr. Grasso is now part of the FBI’s Cyber Division and is assigned to the National Cyber-Forensics and Training Alliance (NCFTA) in Pittsburgh, a joint partnership between law enforcement, academia, and industry. Mr. Grasso is also an Adjunct Professor of Criminology at La Roche College in Pittsburgh.
It goes without saying that we are all very excited with these additions.
Standing Committee on Industry, Science and Technology
Review of CASL, Canada's Anti-Spam Law
Hour 1: Privacy Commissioner of Canada
Hour 2: Neil Schwartzman & Matthew Vernhout, CAUCE.org
http://parlvu.parl.gc.ca/XRender/en/PowerBrowser/PowerBrowserV2/20171024/-1/28163