IGF-USA 2010 Workshop- E-Crimes and Malicious Use in the DNS: Implications and Observations
The online world and the Internet are continuing to expand at exponential rates. As more and more users and more applications move into the online world with the expansion of broadband and mobile, concerns about online crimes and malicious threats to the Internet and to users also grow. This workshop was established to examine the range and scope of online crimes and malicious use of the Domain Name System. For instance, scam artists host websites with false information or a phisher registers a domain intended to resemble a famous brand. Consumers and businesses can be victims of abuse, and legitimate service providers are seeing crime and fraud in the network. The use of DNS security (DNSSEC) is part of a mitigation strategy.
Details of the session:
Every time an individual pulls up a webpage or website, the Domain Name System is used.
Moderators and industry leaders met at an IGF-USA 2010 workshop titled E-Crimes and Malicious Use in the DNS: Implications and Observations.
Panelists participating in the discussion noted that malicious use and criminal behavior in the DNS is not acceptable, but they did not come up with any clear conclusions regarding new ways to better control these problems.
The moderator of the event was Jim Galvin, director of strategic relationships and technical standards for Afilias. Panelists included Garth Bruen, founder of KnujOn; Doug Isenberg, attorney at law with GigaLaw Firm; Shaundra Watson, counsel for international consumer protection at the Federal Trade Commission; John Berryhill, intellectual property lawyer; Bobbie Flaim, special agent with the FBI; Margie Milam, senior policy advisor for ICANN; and Matt Serlin, senior director of domain management at MarkMonitor.
The panelists agreed the abuse of the DNS is not a regional issue nor is it confined to a particular sector of the Internet. The crimes occur across multiple jurisdictions and affect a variety of individuals.
Some shared anecdotes about incidents where collaboration with other entities gave way to resolving a major DNS violation.
-Anna Johnson, http://www.imaginingtheinternet.org