The Microsoft action against 3322.org, a Chinese company, started with the news that computers were infected during the production phase. Stepping away from the controversy surrounding the approach, there are important lessons that cyber security officials and upper management, deciding on the level of and budget for cyber security in organisations should learn and take into account. I'm writing this contribution from a premise: China uses the fact that most IT devices are built in China to its advantage. Allow me to start with an account from personal memory to set the stage. more
United Against Nuclear Iran (UANI) is an advocacy group that, among other things, tries to isolate Iran by pressuring businesses and organizations to stop doing business with Iran. This week they turned their attention to ICANN and RIPE to try to cut off Internet access to Iranian organizations. Regardless of one's opinion about the wisdom of isolating Iran (and opinions are far from uniform), this effort was a bad idea in an impressive number of both technical and political ways. more
Today I released a report on 'National cyber crime and online threats reporting centres. A study into national and international cooperation'. Mitigating online threats and the subsequent enforcing of violations of laws often involves many different organisations and countries. Many countries are presently engaged in erecting national centres aimed at reporting cyber crime, spam or botnet mitigation. more
I will first begin this post by emphasizing that this article is entirely my personal viewpoint and not to be considered as endorsed by or a viewpoint of my employer or any other organization that I am affiliated with. Neither is this to be considered an indictment of the sterling work (which I personally value very highly) that several people in Microsoft are doing against cybercrime. Microsoft's takedown of 3322.org to disrupt the Nitol botnet is partial and will, at best, have a temporary effect on the botnet itself... more
The announcement last month of a new approach by the Internet Corporation for Assigned Names and Numbers (ICANN) to Africa is welcome, and significant for a number of reasons. Africa must participate in ICANN's activities to help shape its policies, and benefit from the domain name industry (estimated at $2 billion in 2008), where it lags behind other regions, given the few African registrars, and that there are no generic top-level domain names (gTLDs) registries that are African. more
Cybersecurity regulation is coming. Whether regulations intended to enhance critical infrastructure protection will be based on existing statutory authority, new legislation, an Executive Order or a combination of legal authorities, however, is still unknown. Other aspects of the coming federal oversight of critical infrastructure cybersecurity that remain undetermined include the extent to which governance system will include voluntary characteristics and the time frame for initiation of new cybersecurity regulation. more
ICANN held another update for new gTLD applicants last week, revealing that the proposal to meter the introduction of new gTLDs received many suggestions during the open comment period. This was just the first step to what I imagine will be a long process - one that will continue on September 12 when ICANN holds a public consultation that will offer more detailed discussion on the many different options for metering. more
This year in July gen. Keith Alexander, director of the National Security Agency and head of the US Cyber Command participated at DefCon, the hackers conference in Las Vegas. In his address, gen. Alexander said, among other things, "This is the world's best cybersecurity community. In this room right here is the talent our nation needs to secure cyberspace."... As someone, who is regularly meeting the top Russian cyber folks, I already know (unofficially, of course) how the words of gen. Alexander were met in Moscow. more
ICANN's Governmental Advisory Committee (GAC) - the special stakeholder group responsible for providing government advice to ICANN on issues of public policy - has an important role to play in the remaining evaluation and delegation phases of the new Top-Level Domain (TLD) program. For some applicants, the future of their new TLD projects may rest on the decisions of the 50 or so national government representatives that are active members of the GAC. more
Australians may lose their right to privacy online if the attorney-general has her way. Nicola Roxon's discussion paper is before a parliamentary inquiry. Proposals include storing the social media and other online and telecommunications data of Australians for two years, under a major overhaul of Australia's surveillance laws. The government passed a toned down version of these proposals last week, giving police the power to force telcos to store data on customers for a specific period while a warrant is sought. more
A World-Renowned Source for Internet Developments. Serving Since 2002.