As every recent report and daily headline reminds us, cyber criminal activity in all of its forms is on an upswing. Not only are cyber threats increasing almost exponentially in frequency, but the pace of acceleration of their sophistication and severity is alarming as well.

This has led to lots of advice on both technology and education steps that can be taken to mitigate risks, but an underlying theme the past few years is the need for greater industry collaboration if trust is to be maintained online, and the Internet does not become dramatically hampered as a result of malfeasance.

It is thus good news that at the ICANN 49 Public Meeting event in Singapore, leading experts and companies in the cybersecurity, Internet and Domain Name infrastructure industry announced the formation of the Secure Domain Foundation (SDF)—a non-profit, community-driven organization devoted to the identification and prevention of Internet cybercrime.

Secure Domain Foundation off to fast start

Why is this good news for all of us?  A few reasons for why this organization can and should have impact and staying power stand out. Indeed, the attraction (to use an appropriate but now cliché term) should be “sticky” based on the speed and intensity SDF has already demonstrated, which will hopefully blossom into very broad industry support and evangelism.

First, you have to admire the new organization’s mission: “To provide Domain Name Registrars, registries (ccTLD & gTLD), hosting providers, DNS operators, and other Internet infrastructure providers with the tools they need to combat abuse of their services and a forum for sharing intelligence on bad actors.”

Second, the SDF charter members include leading Internet and Domain Name infrastructure companies and organizations including: Facebook, Verizon, Verisign, Enom, Name.com, CIRA(.ca), CO Internet(.co), CrowdStrike, the Anti-Phishing Working Group (APWG), Emerging Threats, ESET Anti-Virus, DomainTools, Internet Identity, CoCCA, Mailshell, Blacknight Solutions, Foreground Security, and the SecDev Group.

Third, in regards to hitting the ground fast, the SDF is launching a free API service to obtain an instant domain or registrant "credit score" based on security reputation and contact data validation. As SDF says, the API is for use during domain name transactions such as new account creation, domain registration, and record updates. This is a cybercrime-buster, since the bad guys have long used domain names to control botnets, distribute malware, and compromise unsuspecting visitors, and the purpose of the SDF API is to rapidly identify and shut down those activities at the time of domain registration. 

Founded by world-renowned security researcher Chris Davis, who was responsible for taking down the infamous Mariposa botnet, and domain industry expert, Norm Ritchie -- who has been designated as one of seven trusted individuals in the world to hold the key to secure the Internet DNS root zone in the event of a catastrophe -- the SDF is looking for collaboration to stop the bad guys. It will provide no-cost tools, technology, research, and security intelligence to an initial market segment of Internet domain name registrars, registries, ccTLD operators, and gTLD operators.

Building on its early efforts, in the coming months the SDF plans to expand services to hosting providers, DNS operators, CERTs, law enforcement and other Internet infrastructure operators.

Notable people, why SDF and why now

"ICANN has recently mandated that domain registrars must validate postal addresses, phone numbers, and email addresses that are provided as contact information during the domain registration process," said Norm Ritchie, chairman of the SDF. "And many new gTLD registries have already pledged to take a more proactive role in combating domain abuse within their TLDs. The SDF provides an entirely free service that not only validates the contact registration data provided but also lets the registrar and registry know if we have seen that data used previously in relation to cyber crime."

"Rightside has been an early supporter of the SDF and its mission. Over the past two years, the SDF has been quietly and skillfully compiling an extensive database of malicious domains and actors. It has been an excellent resource for us,” said Wayne MacLaurin, CTO of Demand Media companies Enom, Name.com and Rightside Registry. We are very proud and excited to be a partner of the Secure Domain Foundation and we look forward to incorporating the contact data validation services into our domain registration processes."

"Beyond our current offering of tools and services, we are also dedicated to raising the cost and risk of cyber crime," said Chris Davis, president of the SDF. "With our partners, we analyze hundreds of thousands of malware samples daily and actively engage with registries, registrars and hosting providers to shut down the criminal command and control infrastructure. Our staff and volunteer researchers and analysts work tirelessly to provide criminal attribution intelligence to the proper global law enforcement organizations and help to bring these criminals to justice."

Like good wine, collaboration of the white hats has taken some time to find the right forum for a global initiative that can address (pardon the double entendre) root causes of what the bad actors have been so proficient at exploiting. This is certainly an organization to keep an eye on. In fact, you might wish to bookmark the site and hopefully join in, since doing well by doing good loves a crowd. 


Edited by Rory J. Thompson