The Spamhaus team recently interviewed me to learn more about Interisle's recent study, Cybercrime Supply Chain 2023, where we examine the supply chains used by cybercriminals to acquire resources for malware, spam, and phishing attacks.
In Trends, policy and cheap TLDs - an interview with Dave Piscitello (Part 1), we dive into some of the study's key findings:
- Nearly 5 million domain names identified as resources for cybercrime.
- Over 1 million new gTLD domain names reported for spam activity.
- Over 500,000 subdomain hostnames reported as cybercrime resources at 229 subdomain resellers.
- The United States, China, India, Australia, and Hong Kong had the most IPv4 addresses used for cybercrime.
In Registration, collaboration and disruption - an interview with Dave Piscitello (Part 2), we look at how criminals exploit domain registration services. Here, I explain why adopting the well-known strategy of disrupting supply lines can be effective in mitigating cybercrime. This recommendation is the most recent effort to decry the weaponization of domain names and call for government to impose obligations to mitigate this threat.
I've long recommended that domains registered by cybercriminals, by the thousands, in seconds, are _the_ most serious registration threat (read Weaponizing Domain Names: how bulk registration aids global spam campaigns). Crimes that exploit bulk domain registration services are racking up billions in losses or disrupting healthcare and other critical services. Just as governments have imposed limits on purchases of pseudoephedrine to limit the manufacture of methamphetamine and on ammonium nitrate to prevent the construction of improvised explosive devices, so too can they impose measures to protect the public against cybercrimes, cyberattacks, or cyberterrorism. Such measures will disrupt the criminals' supply chain.