AT-LARGE GATEWAY

At-Large Website

ALAC

RALOs

At-Large Regional Policy Engagement Program (ARPEP)

At-Large Governance

At-Large Reports

Policy Comments & Advice

Working Groups

ICANN Meetings

At-Large Summit (ATLAS III)

At-Large Review Implementation Plan Development

ALAC and RALO Elections, Selections, and Appointments

At-Large Priority Activities - 2021

Versions Compared

Old Version 6

changes.mady.by.user Silvia Vivanco

Saved on

compared with

New Version Current

changes.mady.by.user Silvia Vivanco

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Topic:  DNS and Domain Abuse in the Digital Economy

The roundtable will discuss how these forms of abuse affect both end users and the digital economy. panelists will discuss current issues relating to DNS and domain name abuse, from various perspectives, including security, business, technology, human rights, and ICANN policy. The panelists will consider the effects of such abuse on the digital economy, with a particular focus on end-users, as well as various efforts to combat these abuses.

The DNS remains the backbone of the Internet. It is a tried and tested system that is globally distributed and extremely scalable. People are continuing to explore new and creative uses for the DNS. DNS is facilitating the growth of and change in the broader digital economy, digital transformation, and Cybersecuritycybersecurity. This session will discuss these issues, anchoring digital asset information in domain name names and the latest technological developments as it relates they relate to domain abuse, resulting from new  domains that are designed to fool people into thinking they are files generated by their systems or files they have requested such as as .zip, .mov, .image, .photo. The problem lies in its association with a commonly used file format. .zip is universally recognized as a compressed file format, .MOV is also a commonly used file format to represent a movie and its usage as a TLD could lead to confusion and potential misuse. TLDs are the letters that come after the dot at the end of the domain name in an Internet address, like example.com, example.org, and example.zip. File extensions are the three letters that came after the dot at the end of a file name, like example.docx, example.ppt, and example.zip, example.mov, example.gif. The key to it all is misdirection. The attack chain is there to confuse and mislead users and security software. Criminals make extensive use of open redirects for example web pages that will redirect you  anywhere you want to go to make it look as if their malicious URLs are actually links to Google, Twitter or other respectable sites. Here are some of the potential cybersecurity issues associated  with the .zip TLD: Phishing attacks: The .zip or .mov TLD could be used to trick users into  believing they’re downloading a legitimate .zip file or movie when, in fact, they’re being redirected  to a malicious

site. This tactic could significantly increase the success rate of phishing attacks. Malware distribution: Attackers could potentially use the .zip or .mov TLD to host and distribute malware. Given the association of .zip and .mov with downloadable files,users might be more  inclined to download files from these domains, inadvertently infecting their systems. Confusion and misdirection: The .zip and .mov TLD could be used to create confusion, making it easier for cybercriminals to misdirect users and mask their activities. Target Groups: Cross- Community

Session This Capacity building session will explore these issues related and seek to educate the  users on how to avoid these pitfalls and succumb to hackers who are seeking to take advantage of  people.

The panelists will discuss various actual and potential use and abuse cases, trends in DNS and domain name abuse, and ongoing and potential efforts to combat DNS and domain name abuse. Target Groups: Cross- Community


...

At-Large Meetings - Tuesday, 05 March 2024 -

(16:15-17:30

...

AST) (21:15-22:30 UTC)

DRAFT AGENDA (TBC)

  1. Welcome Opening Remarks and Guest Speakers Introductions - Greg Shatan, NARALO Chair (10  10 mins)
    1. Reg Levy-
    2. Tu Cows
    1. Head of ComplianceTucows (
    2. Graeme Bunton  - Director, DNS Abuse Institute 
    3. Graham Bunton  - PIR
    2. Steve Crocker - CEO, Shinkuro, Inc.
    3. Ram Mohan - Chief Strategy Officer
    4. at
    1. , Identity Digital
    2. Laureen Kapin - Assistant Director for International Consumer Protection- Federal Trade Commission, USA.  
  5. Roundtable discussion: DNS and Domain Abuse in the Digital Economy" with speakers: (35 45 mins) - Moderated by Greg Shatan
  6. Q&A from Audience
  7. Takeaways - Greg Shatan, NARALO Chair  (5 mins)

...