Skip to main content

Exploring Cybersecurity Topics on a Whirlwind Tour of Eastern Europe

Cybersecurity whirlwind tour eastern europe 1980x1320 27sep16 en

ICANN's Dave Piscitello (second from left) takes part in a panel at CYBERSEC 2016, a conference on cybersecurity held this week Krakow, Poland.

This week I begin a two–week series of Identifier Systems Security, Stability and Resiliency (IS SSR) team and Global Stakeholder Engagement (GSE) cybersecurity engagements that remind me of the vintage comedy movie "If It's Tuesday, This Must Be Belgium."

My journey started not in Belgium, but in Poland, where I participated yesterday (26 September) in two sessions at Cybersec 2016 in Krakow. I spoke about our Identifier Systems SSR team's trust-based collaboration successes in a session called "Global, Regional and National Public-Private Co-Operation – Success Stories." I also discussed ways to improve global responses to cybercrime activities in a session called "Combatting Cybercrime." Several of the points I made are also published in G20 Magazine – China 2016 in the article "Accelerating Cybercrime Response and Mitigation" and in my blog "Can we extend trust-based collaboration beyond handshakes and face to face?"

Monday evening, I shed my suit and tie, dressed down to a t-shirt and jeans, and met with Hackerspace Krakow. There, I shared examples of Domain Name System (DNS) attacks and DNS covert channels, and discussed how organizations can detect and thwart these kinds of attacks. I thoroughly enjoyed my time with Hackerspace Warsaw, and I'm looking forward to meeting with the Krakow chapter.

My next stop is Vienna, where I'll be spending a full day presenting methodologies for investigating cybercrimes to Austrian law enforcement professionals. This program is an important part of the IS SSR Team's capability–building activities. I'll present material that I first presented in Helsinki earlier this month. I'll remain in Vienna to participate in the IDC Security Roadshow 2016, where I'll explain why domain names and the DNS must be considered within an organization's risk management framework. I then visit the Austrian Computer Society meeting, where I'll talk about DNS abuse and its impact on cybersecurity.

From Vienna, I'll travel to Bratislava, Slovakia, to participate in an event of the EU Chapter of the Anti-Phishing Working Group – eCrime Cyber-Security Symposium – which runs from 5 to 7 October. I'll attend case study sessions and participate in steering committee activities on behalf of ICANN. I plan to take advantage of the opportunity to network with first responders, law enforcement and cybercrime forensic professionals from Europe and Eastern Europe. APWG and similar conferences (e.g., Messaging, Malware and Mobile Anti–Abuse Working Group – M3AAWG) are venues where the IS SSR team is most successful in building trust relationships and promoting participation in ICANN's multistakeholder community.

Engagement–filled trips like these require close coordination between the IS SSR team and Global Stakeholder Engagement teams. On behalf of our team, I thank all the GSE staff, and for this trip in particular, Gabriella Schittek, for investing long hours preparing for our visits and for graciously providing in-region support.


    Domain Name System
    Internationalized Domain Name ,IDN,"IDNs are domain names that include characters used in the local representation of languages that are not written with the twenty-six letters of the basic Latin alphabet ""a-z"". An IDN can contain Latin letters with diacritical marks, as required by many European languages, or may consist of characters from non-Latin scripts such as Arabic or Chinese. Many languages also use other types of digits than the European ""0-9"". The basic Latin alphabet together with the European-Arabic digits are, for the purpose of domain names, termed ""ASCII characters"" (ASCII = American Standard Code for Information Interchange). These are also included in the broader range of ""Unicode characters"" that provides the basis for IDNs. The ""hostname rule"" requires that all domain names of the type under consideration here are stored in the DNS using only the ASCII characters listed above, with the one further addition of the hyphen ""-"". The Unicode form of an IDN therefore requires special encoding before it is entered into the DNS. The following terminology is used when distinguishing between these forms: A domain name consists of a series of ""labels"" (separated by ""dots""). The ASCII form of an IDN label is termed an ""A-label"". All operations defined in the DNS protocol use A-labels exclusively. The Unicode form, which a user expects to be displayed, is termed a ""U-label"". The difference may be illustrated with the Hindi word for ""test"" — परीका — appearing here as a U-label would (in the Devanagari script). A special form of ""ASCII compatible encoding"" (abbreviated ACE) is applied to this to produce the corresponding A-label: xn--11b5bs1di. A domain name that only includes ASCII letters, digits, and hyphens is termed an ""LDH label"". Although the definitions of A-labels and LDH-labels overlap, a name consisting exclusively of LDH labels, such as"""" is not an IDN."