ICANN Meeting San Francisco: Forum on DNS Abuse

Representatives from CADNA are attending the ICANN meeting in San Francisco and will be blogging about their observations. Check back here for updates, and follow our tweets @CADNA.

Today’s Forum on DNS Abuse was divided into two parts: the first featured law enforcement professionals discussing developments in the fight against DNS abuse and the second featured representatives from the private sector discussing the implications of domain name blocking and take-downs.

Part 1: Latest Developments in the Fight against DNS Abuse

The first part of the forum was paneled by Richard Boscovich of Microsoft’s Digital Crimes Unit, Joe St. Sauver of the University of Oregon, Michael Moran of INTERPOL, Terri Stumme of the U.S. Drug Enforcement Administration, Glenn Watson of the U.S. Food and Drug Administration and Bobby Flaim of the U.S. Federal Bureau of Investigation. Each speaker discussed how DNS abuse affects his or her agency and that agency’s tactics for addressing abuse and pursuing criminals who exploit the DNS to perpetrate crimes online. 

Richard Boscovich pointed out that one of the biggest challenges law enforcement currently faces is botnets. Many criminals use botnets to continually register domain names via an algorithm, which provides an infrastructure for criminals to commit nefarious acts. Some major obstacles that law enforcement faces are inaccurate WHOIS data, and jurisdictional issues when registrars are located overseas.

The other panelists went into more depth about the specific types of crimes their agencies deal with, from INTERPOL’s efforts to shut down child pornography to the U.S. DEA and FDA’s dealings with online pharmacies distributing illegal or counterfeit prescription drugs. The common sentiment was hopeful, but realistic – while law enforcement has come very far in terms of policing DNS abuse and the crimes that exploit the DNS, criminals continue to evolve their methods and law enforcement still has a long way to go.

Part 2: Implications of Domain Name Blocking and Domain Name Take-Downs

The second portion of the forum featured Ram Mohan of Afilias, Christine Jones of GoDaddy, Marc Rotenberg of ICANN’s At-Large Advisory Committee and Bjorn-Erik Ludvigsen of INTERPOL. Ram Mohan began the discussion by iterating that domain name take-downs and blocking can be an effective way to prevent crime, but both have their drawbacks. Take-downs get at the root of the crime, but can only be executed on a one-at-a-time basis. Blocking, on the other hand, is more of a broad stroke solution, but can be a disproportionate response to the crimes.

Christine Jones continued by enumerating GoDaddy’s efforts to address DNS abuse among its own domain names, and encouraged industry-wide action. Prevention against DNS abuse must begin in the domain name industry, because law enforcement simply cannot keep up with the abuses. Bjorn-Erik Ludvigsen of INTERPOL echoed this sentiment somewhat, saying that preventative measures are much more effective and scalable in the long term than prosecuting each crime individually.

Because everything on the Internet depends on the DNS, it is encouraging to see the innovative tactics law enforcement is using to pursue DNS abuse, and to see the private sector working to augment these efforts. The problem, however, will never be resolved as long as there remain registrars who serve as safe havens to criminals by not enforcing against DNS abuse.

Leave A Reply

Your email address will not be published. Required fields are marked *