Skip to main content

Engaging with the New Generation of Cyber Fighters

Cyber fighters new generation 624x468 24aug18 en

During the third week of August, I visited São Paulo, Brazil, and Asunción, Paraguay, with the goal of engaging with the community and local law enforcement organizations. We were looking to increase awareness regarding domain name system (DNS) abuse, providing training to police cyber units, explaining what ICANN is, and inviting them to join the ICANN policy development process on the matters that are relevant to them (from a security, stability and resiliency perspective, given my team's focus areas). We do these activities all year round and in all the regions of the world.

The engagement exercises during that week were particularly positive. We provided training to different authorities, made recommendations to the private sector on security improvements regarding the operation of their domains, and explained how to mitigate threats via domain name resolution. All my presentations were very well received and attendees expressed a high level of interest.

One group in particular deserves a special mention: the 129 last-year cadets from the National Police Academy of Paraguay that attended one of our sessions in Asunción. These young and vibrant cadets ranged in age from 21 to 23 years of age. While some knew more than others about cyber-investigations, others were completely new to these topics.

At first, the cadets seated in the front rows were the most engaged of the group, paying attention and asking great questions. While some of those seated in the back didn't seem particularly engaged at the beginning, their interest grew as the discussions progressed. They quickly started to realize how interesting these topics actually are, how they will impact the work they do, and how their own personal lives can also be affected by different forms of DNS abuse.

It was amazing to see them realize how important the DNS is, for both good and evil, and how they can use it, in ways they never suspected, to protect users and infrastructure from malicious actors.

It's not that often that we get to interact with the next generation of cybercrime fighters. And when we do, it's rare that they demonstrate this level of commitment, interest, and desire to start investigating. My hat is off to them.

When I returned home I realized that we, the older generations, are responsible for guiding the new generation of cybercrime fighters with our example and help them achieve their best. We can guide them in distinguishing between right and wrong and teach them to opt for what is right. We need to share what we have learned throughout the years. We need them to be better than we are.


    Domain Name System
    Internationalized Domain Name ,IDN,"IDNs are domain names that include characters used in the local representation of languages that are not written with the twenty-six letters of the basic Latin alphabet ""a-z"". An IDN can contain Latin letters with diacritical marks, as required by many European languages, or may consist of characters from non-Latin scripts such as Arabic or Chinese. Many languages also use other types of digits than the European ""0-9"". The basic Latin alphabet together with the European-Arabic digits are, for the purpose of domain names, termed ""ASCII characters"" (ASCII = American Standard Code for Information Interchange). These are also included in the broader range of ""Unicode characters"" that provides the basis for IDNs. The ""hostname rule"" requires that all domain names of the type under consideration here are stored in the DNS using only the ASCII characters listed above, with the one further addition of the hyphen ""-"". The Unicode form of an IDN therefore requires special encoding before it is entered into the DNS. The following terminology is used when distinguishing between these forms: A domain name consists of a series of ""labels"" (separated by ""dots""). The ASCII form of an IDN label is termed an ""A-label"". All operations defined in the DNS protocol use A-labels exclusively. The Unicode form, which a user expects to be displayed, is termed a ""U-label"". The difference may be illustrated with the Hindi word for ""test"" — परीका — appearing here as a U-label would (in the Devanagari script). A special form of ""ASCII compatible encoding"" (abbreviated ACE) is applied to this to produce the corresponding A-label: xn--11b5bs1di. A domain name that only includes ASCII letters, digits, and hyphens is termed an ""LDH label"". Although the definitions of A-labels and LDH-labels overlap, a name consisting exclusively of LDH labels, such as"""" is not an IDN."