Messaging Anti-Abuse Working Group (M3AAWG); Anti-Phishing Working Group
ICANN GDPR WHOIS Policy Eliminates Pre-Emptive Protection of Internet Infrastructure Abuse; Obstructs Routine Forensics to Cybercriminals’ Advantage
CAMBRIDGE, Mass. and SAN FRANCISCO, Nov. 06, 2018 (GLOBE NEWSWIRE) -- A joint APWG-M3
AAWG survey of cybercrime responders and anti-abuse personnel indicates ICANN’s Temporary Specification for domain name WHOIS data has eliminated interventions that previously allowed investigators to stop new cybercrimes while still in the preparatory stages -- and has markedly impeded routine mitigations for many kinds of cybercrimes. The survey
was submitted to ICANN on Oct. 18 by the Anti-Phishing Working Group and the Messaging, Malware and Mobile Anti-Abuse Working Group.
With responses from 327 professionals, the survey revealed that losing the ability to attribute domain names to criminals or victims of abuse has irreparably eliminated their capacity to issue warnings about new abuses that known bad actors are perpetrating, even when the WHOIS registrant data is pseudonymous, according to Peter Cassidy, APWG Secretary General.
ICANN’s Temporary Specification for gTLD Registration Data, established in May in response to the European Union’s General Data Protection Regulation (GDPR), impedes investigations of cybercrime – from ransomware attacks to distribution of state-sponsored strategic disinformation. Analyses of responses from the survey reveal that:
- Cyber-investigations and mitigations are impeded because investigators are unable to access complete domain name registration data.
- Requests to access non-public WHOIS by legitimate investigators for legitimate purposes under the provisions of the Temp Spec are routinely refused.
“The biggest impact has been to determine who has registered a criminal/fraudulent domain, and the ability to use that information to find other domains registered by the same actor. That devastates our ability to find all of the fraudulent domains registered by the same entity,” one typical respondent wrote in the APWG-M3 AAWG GDPR WHOIS User Survey report.
APWG and M3 AAWG concluded their analysis with recommendations for ICANN to:
- Establish a mechanism for WHOIS data access by accredited, vetted qualified security actors.
- Restore redacted WHOIS data of legal entities .
- Adopt a contact data access request specification for consistency across registrars and gTLD registries.
- Establish a WHOIS data access scheme that does not introduce delays in collecting or processing and is not burdened by per-request authorizations.
- Reassess the current redaction policy and consider replacing restricted personal data with secure hashes that can be used as a proxy for tracing criminal actors across data resources.
- Publish point of contact email addresses to provide investigators with an effective means of identifying domains associated with a victim or person of interest in an investigation .
The full survey can be found at http://www.m3aawg.org/WhoisSurvey2018-10 .
About the APWG
The APWG (www.apwg.org ), founded in 2003 as the Anti-Phishing Working Group, is the global industry, law enforcement, and government coalition focused on unifying the global response to electronic crime. Membership is open to qualified financial institutions, online retailers, ISPs and Telcos, the law enforcement community, solutions providers, multi-lateral treaty organizations, research centers, trade associations and government agencies. There are more than 2,200 companies, government agencies and NGOs participating in the APWG worldwide.
APWG advises hemispheric and global trade groups and multilateral treaty organizations such as the European Commission, the G8 High Technology Crime Subgroup, Council of Europe's Convention on Cybercrime, United Nations Office of Drugs and Crime, Organization for Security and Cooperation in Europe, Europol EC3 and the Organization of American States. APWG is a member of the steering group of the Commonwealth Cybercrime Initiative at the Commonwealth of Nations.
The Messaging, Malware and Mobile Anti-Abuse Working Group (M3 AAWG) is where the industry comes together to work against bots, malware, spam, viruses, denial-of-service attacks and other online exploitation. M3 AAWG (www.m3aawg.org ) members represent more than one billion mailboxes from some of the largest network operators worldwide. It leverages the depth and experience of its global membership to tackle abuse on existing networks and new emerging services through technology, collaboration and public policy. It also works to educate global policy makers on the technical and operational issues related to online abuse and messaging. Headquartered in San Francisco, Calif., M3 AAWG is driven by market needs and supported by major network operators and messaging providers.
Anti-Phishing Working Group
Peter Cassidy, 617-669-1123
AAWG (Messaging, Malware and Mobile Anti-Abuse Working Group)
Linda Marcus, 714-974-6356,
Information om Globenewswire
Følg pressemeddelelser fra Globenewswire
Skriv dig op her, og modtag pressemeddelelser på e-mail. Indtast din e-mail, klik på abonner, og følg instruktionerne i den udsendte e-mail.
Flere pressemeddelelser fra Globenewswire
INVNT19.3.2019 14:32:16 CET | Pressemeddelelse
INVNT Recognised for Xero and TEDxSydney Work at The Event Marketing Awards 2019
Crocus Technology19.3.2019 13:01:49 CET | Pressemeddelelse
Crocus Technology Unveils its 2nd Generation TMR Linear Sensor with Unparalleled Temperature Stability
Graduate Management Admission Council19.3.2019 09:01:37 CET | Pressemeddelelse
Despite Brexit Uncertainty, Business Schools in UK Continue to See Strong International Demand
Patton Electronics Co.19.3.2019 05:01:27 CET | Pressemeddelelse
Validated with Microsoft Skype for Business, Patton Delivers Cloud-Powered Integration
Jobindex A/S18.3.2019 22:08:24 CET | Pressemeddelelse
Jobindex Årsrapport for 2018
Abeona Therapeutics Inc.18.3.2019 21:46:12 CET | Pressemeddelelse
Abeona Therapeutics Reports Fourth Quarter and Full Year 2018 Financial Results
I vores nyhedsrum kan du læse alle vores pressemeddelelser, tilgå materiale i form af billeder og dokumenter samt finde vores kontaktoplysninger.Besøg vores nyhedsrum