This is The Security Skeptic's Typepad Profile.
The Security Skeptic
Hilton Head Island, South Carolina, USA
Dave Piscitello is a 40-year networking and Internet veteran who now focuses on Internet Security. The opinions expressed here are my own and do not necessarily represent the opinions of Interisle Consulting Group.
Interests: Fitness & free weights, historical fiction, cooking, gardening, inclusive society, unintended consequences of commoditizing technology without consideration of privacy or security.
Recent Activity
In new study Interisle Reveals Excessive Withholding of Internet WHOIS Data
My Interisle colleagues, together with Greg Aaron, have completed an in-depth analysis of the effects of ICANN policy for WHOIS, a public lookup service that has until recently made it possible to identify who registered and controls a domain name. The European Union’s General Data Protection Regulation (GDPR), adopted in May 2018, restricted the publication of personally identifiable data in WHOIS. In response, the Internet Corporation for Assigned Names and Numbers (ICANN) established a new policy, allowing registrars and registry operators to redact (withhold) personally identifiable data from publication in WHOIS. The implementation of this policy has been widely criticized,... Continue reading
Posted Jan 25, 2021 at The Security Skeptic
New study: Phishing Landscape 2020
My colleagues Greg Aaron, Dr. Colin Strutt, Lyman Chapin and I have published a new research report, Phishing Landscape 2020: A Study of the Scope and Distribution of Phishing. The report can be found at http://www.interisle.net/PhishingLandscape2020.html Our goal in this study was to capture and analyze a large set of information about phishing attacks, to better understand how much phishing is taking place and where it is taking place, and to see if the data suggests better ways to fight phishing. We studied where phishers are getting the resources they need to perpetrate their crimes — where they obtain domain... Continue reading
Posted Oct 13, 2020 at The Security Skeptic
Online child predation rising during COVID lockdown
I attended (remotely) a Council of Europe cybercrime webinar on the impact of COVID on cybercrime last week. One of the most disturbing criminal activities discussed was the rise in reports of online predation. The National Center for Missing and Exploited Children (NCMEC) has received 4.2 million reports in April. That’s up 2 million from March 2020 and nearly 3 million from April 2019. (Forbes, 9 May 2020). This is not surprising - nearly everyone who is connected is spending more time on the Internet - but it's still terrifying. Look to the many government agencies that have parental guidelines to... Continue reading
Posted May 26, 2020 at The Security Skeptic
Widespread Issues with Domain Registration Accountability Have a COVID Nexus
My Interisle partners and colleague Greg Aaron have published a detailed study that measures the effectiveness and impact of ICANN's registration data access policies and procedures. This study reveals widespread problems with access to and the reliability of domain name registration data systems (WHOIS). These failures have real-life security implications, which are being seen in the current wave of cybercrime accompanying the COVID-19 pandemic. In our Press Release I make the comment that, “The COVID-19 pandemic has led to a recent explosion of cybercrime, with thousands of new domain names using terms like ‘covid’ or ‘corona’ being used to perpetrate... Continue reading
Posted Mar 31, 2020 at The Security Skeptic
Microsoft dismantles global spam delivery infrastructure (Necurs)
Microsoft and partners from 35 countries recently took action to dismantle the Necurs spam infrastructure. Microsoft's post calls Necurs a botnet but provides details that illustrate how much more than a botnet Necurs is: The Necurs infrastructure served as a spam delivery platform for spam, cryptomining and DDOS attacks. The spam campaigns contained stock scams, fake pharma, and Russian dating scams, malware and ransomware. The Necurs operators leased services to other criminal actors to perpetrate these attacks. These are characteristics that the Council of Europe's Convention on Cybercrime identifies as criminal activities in its Guidance notes on Spam. Many of... Continue reading
Posted Mar 17, 2020 at The Security Skeptic
Report: Criminal Abuse of Domain Names, Bulk Registration and Contact Information Access
My Interisle Consulting Group colleague, Dr. Colin Strutt, and I have published a report, Criminal Abuse of Domain Names: Bulk Registration and Contact Information Access http://interisle.net/criminaldomainabuse.html In this report, we study "bulk registration misuse" by criminal actors. Bulk registration refers to the practice of rapidly acquiring domain names, using these in an attack, and abandoning them as if they were throw-away ("burner") phones. These domains are a critical resource for cyber criminals. We use reputation block list (RBL) data to reveal how the use of bulk registrations, coupled with the crippling of registration data access by the ICANN Temp Spec... Continue reading
Posted Oct 18, 2019 at The Security Skeptic
ICANN prepares for more gTLDs... has enough been done to mitigate threats?
Posted Sep 13, 2019 at The Security Skeptic
How to protect your small business from cyber attacks
by John Adams. Regardless of the type of business, it is virtually inevitable that your business will be targeted by cyber-attackers. However, while nearly 81% of cyber-attacks occur to small and medium-sized businesses, 97% of these attacks are preventable with the help of outsourcing cybersecurity services or by implementing recommended security practices and raising security awareness among employees. Businesses across the globe are ready to spend more on the security of their business against cybercriminals. According to research conducted by the research firm Cybersecurity Ventures, by 2021, the cost of cyber-crime will cross $6 trillion annually, worldwide. Most... Continue reading
Posted Sep 5, 2019 at The Security Skeptic
Unspecific CZDS contract language makes zone data access approvals a dice roll
Posted Aug 13, 2019 at The Security Skeptic
APWG Monograph: ICANN interpretation of GDPR impedes cyberinvestigations
Posted Jun 6, 2019 at The Security Skeptic
APWG.EU Cybersecurity Awareness Symposium Examines Behavioral Interventions Against Cybercrime at Global Scale
Peter Cassidy, on behalf of APWG and APWG EU. APWG.EU is holding its fourth annual Symposium on Global Cybersecurity Awareness in partnership with the European Commission and the Council of Europe (Convention on Cybercrime) on June 26 - 27, to be held at the European Commission Representation Office in Bucharest with the theme of Considering Behavioral Interventions at Global Scale. The objectives of the Symposium, inaugurated by APWG.EU in 2016, are the establishment of global strategies for cybersecurity awareness development – and the cultivation of research, measurement tools and awareness assets deployed as instruments of cybercrime prevention regimens subject to... Continue reading
Posted Apr 10, 2019 at The Security Skeptic
Pioneers in Skirts: An Innovative Movement to Identify and Combat Bias in the Workplace
I recently had the opportunity to preview a documentary, Pioneers in Skirts, by Ashley and Lea-Ann Berst. The film is a character-driven documentary addressing how women and girls with pioneering ambitions combat bias and sexism in our culture. Through candid conversations of women who've encountered that bias, and most importantly, women who have overcome bias to succeed when circumstances conspire against them, the movie seeks to encourage cultures worldwide to adopt gender parity. I watched the documentary in a male-dominated ballroom during a recent security conference. It's real. I've raised a daughter to be a dreamer, to believe she can... Continue reading
Posted Apr 8, 2019 at The Security Skeptic
Facts & Figures: Whois Policy Changes Impair Blocklisting Defenses
Posted Mar 8, 2019 at The Security Skeptic
Conservative abuse reporting throws new TLD program under the bus
Posted Feb 18, 2019 at The Security Skeptic
Network hijacking: everything old is new again
Posted Jan 9, 2019 at The Security Skeptic
APWG and M3AAWG Survey Finds ICANN WHOIS Changes Impede Cyber Investigations
The Anti-Phishing Working Group (APWG) and the Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) have collaborated to conduct a survey of cyber investigators and anti-abuse service providers to understand how ICANN’s Temporary Specification for gTLD Registration Data has affected their access and usage of domain name registration information and their ability to mitigate abuse. I served as Principal Investigator for APWG and M3AAWG for this project. I received strong subject matter expertise support from both working groups. From our analysis of 327 survey responses we find that the changes to WHOIS access following ICANN’s implementation of the Temp Spec... Continue reading
Posted Oct 20, 2018 at The Security Skeptic
Whois studies: it's time to ask the right questions
I remain skeptical of all the Whois studies that I’ve reviewed (FTC, SSAC, ICANN), including studies where I was a party to the research. I’ll apologize for failing to contribute to a satisfactory Whois study. I’ll also admit that my understanding of how to study a problem scientifically has greatly expanded over the past ten years. A truly scientific Whois study must meet certain common criteria. The purpose should be clearly defined; in particular, the researchers or parties who commission the research should make certain that they are asking the right question. Before I raise anyone’s brows... Continue reading
Posted Sep 12, 2018 at The Security Skeptic
Post-GDPR WHOIS: A Myriad of Misconceptions, Misinformation and Misdirection
One of the most memorable lyrics of For What It’s Worth (Buffalo Springfield, 1967) aptly describes the current condition of the post-GDPR debate over domain registration data access: There’s battle lines being drawn… nobody’s right if everybody’s wrong. Cybersecurity and policy pundits are heatedly engaged over the impact of the EU General Data Protection Regulation (GDPR). Both sides have done a poor job of articulating the problem space, overlooking key aspects of the regulation and ICANN’s attempt to comply with GDPR in a Temporary Specification For Whois. As difficult as it is to engage in this discussion dispassionately, it’s both... Continue reading
Posted Sep 6, 2018 at The Security Skeptic
Can Global Registry Services clean up the spammiest neighborhoods in the DNS?
Posted Aug 20, 2018 at The Security Skeptic
ICANN publishes the DAAR system methodology white paper and reviews
ICANN publishes the Domain Abuse Activity Reporting System (DAAR) methodology white paper and reviews... Reviews of the Domain Abuse Activity Reporting #DAAR by Marcus Ranum and John Bambenek are now available, along with the initial draft of the DAAR Methodology white paper. Spoiler Alert! Some excerpts from the reviews: "the DAAR system is a straightforward implementation of a good idea" "The way DAAR is described is good; it is very neutral, informative, and non-threatening." "having such a system to analyze abuse data at a per-capita level for TLDs and Registrars is exciting" "The description is thorough and complete, so... Continue reading
Posted Jul 26, 2018 at The Security Skeptic
What is Ransomware
Posted Feb 21, 2018 at The Security Skeptic
How Far Will Email Operators Take Blocklisting to Prevent Spam?
Posted Nov 15, 2017 at The Security Skeptic
Spam: The Security Threat You Easily Forget
About this time last year, I spoke at a Cybersecurity conference in Krakow. I was asked during a video interview to identify security threats that I believed were most pressing. (Ignore the suit...) Yes, I said spam. Not DDoS? Not ransomware? Not breach of personal data? Not IoT? Are you daft, Dave? No. My thinking has not changed a full year later. Spam is a criminal infrastructure enabler. Spam may have been merely annoying, unsolicited messages in your inbox at one time, but that was millennia ago. The average spam volume reported to the Cisco Talos Email and Web... Continue reading
Posted Nov 6, 2017 at The Security Skeptic
Access Controls, User Permissions and Privileges
Posted Jun 12, 2017 at The Security Skeptic
What is Authorization and Access Control?
Posted May 19, 2017 at The Security Skeptic