A newly formed non-profit called the Secure Domain Foundation (SDF) says its mission will be to provide free advice on security practices to protect the Internet's core infrastructure related to the Domain Name System.
The SDF is backed by companies that include Facebook, Verizon, Verisign, Enom, Name.com, CIRA, CO Internet, CrowdStrike, the Anti-Phishing Working Group, Emerging Threats, ESET Anti-Virus, DomainTools, Internet Identity, CoCCA, Mailshell, Blacknight Solutions, Foreground Security and the SecDev Group. Based in Canada, SDF was founded by Chris Davis and Norm Ritchie, who have expertise in domain-name security. The SDF is out to combat cybercrime that thrives by exploiting the domain-name system and its registration process to operate criminal command-and-control systems such as dangerous botnets used for nefarious purposes.
“ICANN has recently mandated that domain registrars must validate postal addresses, phone numbers, and e-mail addresses that are provided as contact information during the domain registration process,” says Norm Ritchie, chairman of the SDF. He says the SDF is proving a free service to validate the contract registration data provided and also let the registrar and registry know if that data was used previously in relation to cybercrime. SDF says it has compiled an extensive database about malicious domains and actors.
+ ALSO ON NETWORK WORLD U.S. government to end formal relationship with ICANN | Network Solutions investigating DNS hijack +
The SDF will first begin assisting the various organizations acting as domain name registrars, registries, ccTLD operators and gTLD operators to help them fight cybercrime that exploits the Internet domain name system. In the coming months, the SDF plans to expand services to hosting providers, DNS operators, CERTS, law enforcement and other Internet infrastructure operators.
“Beyond our current offering of tools and services, we are also dedicated to raising the cost and risk of cybercrime,” says Davis, president of the SDF. “With our partners, we analyze hundreds of thousands of malware samples daily and actively engage with registries, registrars and hosting providers to shut down the criminal command and control infrastructure. Our staff of volunteer researchers and analysts work tirelessly to provide criminal attribution intelligence to the proper law enforcement organizations and help bring these criminals to justice.”
Ellen Messmer is senior editor at Network World, an IDG website, where she covers news and technology trends related to information security. Twitter: MessmerE. E-mail: email@example.com