Today, the Internet Corporation for Assigned Names and Numbers (ICANN) announced that it is increasing the linguistic diversity of the search strings studied in the Domain Name Security Threat Information Collection and Reporting (DNSTICR) project. DNSTICR was developed in response to reports of COVID-19-related Domain Name System (DNS) security threats.
Identifying and including additional strings used in phishing or malware which may be used to harm individuals and organizations around the world is challenging – particularly those that may have localized language or context. For this purpose, and to support ICANN organization's (org) language diversity efforts, ICANN's Governmental Advisory Committee (GAC) will help to increase our coverage of languages and character sets beyond English and ASCII.
The ICANN org is using an evidence-based approach to identify names that appear to have been used for malicious purposes and are related to the COVID-19 pandemic. DNSTICR studies COVID-19-related domain registrations and identifies the most clear-cut cases where domains appear to be used for phishing or malware distribution.
In the framework of this project, the ICANN org produces reports for each identified domain name that compiles evidence of DNS phishing or malware campaigns and other background information. These reports are based on the Guide to Registrar Abuse Reporting Practices and can be helpful for responsible parties (primarily registrars or registries) to determine the appropriate course of action, such as suspending or deleting the domain name.
DNSTICR is an ongoing project that requires regular adaptation to the ongoing pandemic, vaccinations, and other COVID-19-related topics that evolve as the pandemic continues to be a global crisis.
DNS security threats, such as phishing and malware distribution campaigns, have been identified as being within ICANN's remit and area of interest. Projects such as DNSTICR not only allow for the mitigation of these issues, but also provide ICANN with evidence-based insight into the actualities of how and at what level these threats are taking place.
Join us this week at the ICANN71 Virtual Policy Forum to learn more about this and other ICANN org efforts to mitigate DNS security threats.