Understanding the Threat Landscape: Basic Methodologies for Tracking Attack Campaigns

The indicators of compromise (IOCs) outlined in my last blog post can be used as a baseline for developing intrusion sets and tracking attack campaigns and threat actors. When launching an attack, threat actors use a variety of vectors and infrastructure, which Verisign iDefense analysts -- as well as analysts across the cybersecurity community -- correlate to group attacks, tracking actors and determining attack methods. more

ICANN 53 - Guaranteeing Accountability in Internet Governance

I recently attended the Internet Corporation for Assigned Names and Numbers' (ICANN) 53rd meeting in Buenos Aires to further discuss the Internet Assigned Numbers Authority (IANA) transition process. During the meeting, public and private Internet stakeholders made important strides on a transition timeline, accountability planning and future management of the Internet that supports global creativity and innovation. more

Revisiting Apple and IPv6

A few weeks ago I wrote about Apple's IPv6 announcements at the Apple Developers Conference. While I thought that in IPv6 terms Apple gets it, the story was not complete and there were a number of aspects of Apple's systems that were not quite there with IPv6. So I gave them a 7/10 for their IPv6 efforts. Time to reassess that score in the light of a few recent posts from Apple. more

DCA’s Submission to Congressional Hearing on “Stakeholder Perspectives on the IANA Transition”

This is the advance submission that DotConnectAfrica Trust sent to the Chairman of the House Sub-Committee hearing on Communications and Technology, Energy and Commerce Committee, United States House of Representatives, 114th United States Congress in advance of the Congressional Hearing on "Stakeholder Perspectives on the IANA Transition", on May 13, 2015. more

Quintett Leads Net Mundial Initiative (NMI): New Steam for an Enabling Multistakeholder Platform

At June 30, 2015 the Inaugural Meeting of the Coordination Council of the NetMundial Initiative (NMI.CC) elected a "Quintett" to guide its activities through the global Internet Governance Ecosystem. Alibaba's CEO Jack Ma from China, ICANN's President Fadi Chehade, Brazilian's Minister Virgilio Almeida and two woman: Eileen Donahou from Human Rights Watch (HRW)) and Marilia Maciel from the Center of Technology and Society (CTS) in Rio de Janeiro are sharing now the helm to bring more steam to this new innovative multistakeholder platform. more

Toward a Balanced ICANN Accreditation Program for Privacy and Proxy Service Providers

For the past two years a diverse group of stakeholders from the ICANN community, including myself, has been working hard to come to a consensus on a set of recommendations related to development and implementation of an ICANN accreditation program for privacy & proxy service providers. The result of this effort will replace the interim specification defined in the 2013 Registrar Accreditation Agreement (RAA) that is due to expire at the end of 2016. more

Lack of ccTLD Growth in Africa Only Partially Due to Internet Penetration

ICANN says that, "the lack of ccTLD growth in africa is due to Internet penetration". However, Gideon Rop of DotConnectAfrica and an Internet Governance expert in the African landscape, expressed a different opinion during the Africa DNS forum in Nairobi. more

Keys Under the Doormat

To those of us who have worked on crypto policy, the 1990s have become known as the Crypto Wars. The US government tried hard to control civilian use of cryptography. They tried to discourage academic research, restricted exports of cryptographic software, and -- most memorably -- pushed something called "escrowed encryption", a scheme wherein the government would have access to the short-term keys used to encrypt communications or stored files. more

Join InterCommunity 2015 on July 7/8 to Talk Future of Internet Governance, Security, Access

What are the most pressing Internet governance issues in the next 2-5 years? What are the biggest priorities in terms of making the Internet more secure and trusted? What are the best ways to bring the next 3 billion people online? Those will all be topics of discussion at the "InterCommunity 2015" meeting taking place this week on July 7 and 8. The meeting will not take place at any one physical location... more

.WTF Domain Being Used In Privacy Campaign

ICANN comment periods on policy proposals don't normally garner much attention. In the case of the current comment period on proxy/privacy services, however, things are very different. To date several thousand comments have been filed, while the topic of the policy proposals has received media attention across hundreds of outlets. more

Computer Transactions, Not People, Are Driving the Need for All-Fibre Networks

Ever since we first became involved in developing policies and strategies for countries relating to what are now known as national broadband networks, we have argued that those taking part in the strategic decision-making processes of designing these networks should look, not at what broadband can do now, but at what high-speed broadband can do to assist countries to create the best opportunities for future developments. more

Last Days to Register for TLD Operator Webinar

The TLD Operator Webinar today announced that Ingrid Baele (Head of Operations, Philips) and Ken Nishida (Manager, Internet & Domain Strategies, Hitachi) are the latest speakers to be confirmed for next week's Webinar. more

Understanding the Threat Landscape: Indicators of Compromise (IOCs)

I previously provided a brief overview of how Verisign iDefense characterizes threat actors and their motivations through adversarial analysis. Not only do security professionals need to be aware of the kinds of actors they are up against, but they should also be aware of the tactical data fundamentals associated with cyber-attacks most commonly referred to as indicators of compromise (IOCs). Understanding the different types of tactical IOCs can allow for quick detection of a breach... more

Registration Operations Workshop (ROW) at IETF-93: RDAP as a Successor of Whois

The next Registration Operations Workshop will take place at the start of IETF 93 on Sunday, July 19th, 2015. The focus of this workshop is on the Registration Data Access Protocol, the successor of Whois. RDAP is a combined protocol for IP addresses and names registration data. Therefore, we are expecting both domain names and RIR communities to attend the workshop. more

DNSSEC Successes, Statistics and Innovation Streaming Live from ICANN 53 on 24 June 2015

Where has DNSSEC been successful? What are some current statistics about DNSSEC deployment? What are examples of innovations that are happening with DNSSEC and DANE? All of these questions will be discussed at the DNSSEC Workshop at ICANN 53 in Buenos Aires happening on Wednesday, June 24, 2015, from 09:00 – 15:15 Argentina time (UTC-3). You can watch and listen to the session live. more