Home / News

FBI Agent Thomas X. Grasso Receives First J.D. Falk Award for Establishing DNS Changer Working Group

FBI Supervisory Special Agent Thomas X. Grasso – First Recipient of J.D. Falk Award for Establishing DNS Changer Working Group and Protecting End-UsersConvincing competitors, disparate business entities and researchers to collaborate—many donating their services and resources—to protect millions of end-users worldwide is no small feat. Yet FBI Supervisory Special Agent Thomas X. Grasso did just that by quietly working behind the scenes to create the DNS Changer Working Group that saved an inestimable number of end-users from losing access to the Web over the last two years. Recognizing his leadership, Grasso received the inaugural J.D. Falk award on Tuesday at the Messaging, Malware and Mobile Anti-Abuse Working Group 26th General Meeting in Baltimore.

“Tom embodies the kind of personal sense of responsibility and accountability that built the Internet and is vital to its future growth. First, he had the foresight to understand the problem and to realize that something could be done to prevent it. Then it took an enormous commitment of his time and energy to muster the resources and bring dissimilar entities together to accomplish an objective that turned out to be a critical issue for many end-users,” said M3AAWG Co-Chairman Chris Roosenraad.

Grasso created the ad hoc committee based on the relationships and goodwill he had developed over his 12 years working with the Internet industry. He persuaded large corporations to commit time and funds to notify infected customers, and convinced anti-virus vendors, Internet Service Providers and the security research community to cooperate in the project. DCWG members include Georgia Tech, Internet Systems Consortium, Mandiant, National Cyber-Forensics and Training Alliance, Neustar, Spamhaus, Team Cymru, Trend Micro and others.

In November 2011, the FBI’s Operation Ghost Click led to the arrest of six Estonians allegedly behind the distribution of the DNS Changer malware and thought to be operating the illicit Rove Digital advertising network. The malware hijacked Internet searches and re-routed Web browsers of infected computers to fraudulent sites on Rove Digital’s network by altering the DNS settings the computers use to locate websites. Once the rogue servers were turned off, the malware-infected computers that had their settings redirected to them would not have been able to reach the Web.

The DNS Changer Working Group was Grasso’s idea to encourage end-user remediation of the malware and to respond to the massive challenge of potentially millions of users losing access to the Web. The group helped monitor the DNS servers that were now legally operated by the Internet Systems Consortium (ISC) under a court order, and as a result, the infected users received a useful message to clean up their machines instead of suddenly dropping off the Internet.

“The FBI recognizes the invaluable assistance the private sector and academia provided through the DNS Changer Working Group,” said Joseph M. Demarest, assistant director of the FBI’s Cyber Division.

J.D. Falk, an active member of M3AAWG and many other industry organizations, was passionate about safeguarding the Internet, end-user security and the impact of cooperative endeavors. The award named after him recognizes individuals for specific achievements that enhance the Internet experience, protect end-users, and embody his spirit of volunteerism and community building. It is administered by M3AAWG with the support of Falk’s employer Return Path Inc. and the Falk family.

NORDVPN DISCOUNT - CircleID x NordVPN
Get NordVPN  [74% +3 extra months, from $2.99/month]
By CircleID Reporter

CircleID’s internal staff reporting on news tips and developing stories. Do you have information the professional Internet community should be aware of? Contact us.

Visit Page

Filed Under

Comments

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

Related

Topics

Threat Intelligence

Sponsored byWhoisXML API

Domain Names

Sponsored byVerisign

Brand Protection

Sponsored byCSC

IPv4 Markets

Sponsored byIPv4.Global

New TLDs

Sponsored byRadix

Cybersecurity

Sponsored byVerisign

DNS

Sponsored byDNIB.com