New group provides threat intelligence to domain registrars, other firms
Name.com, Facebook and Verizon are among the companies backing the newly-formed group.
A new organization aims to prevent cyber crime by making sure the domain name industry receives the needed intelligence to immobilize criminals.
On Monday, the formation of the Secure Domain Foundation (SDF), a Canada-based non-profit, was announced. A number of companies, in and outside of the domain name industry, have backed the newly-formed group, from registrars Name.com, Nominet and Rightside Registry, to major service providers like Facebook and Verizon.
SDF provides a reputation and validation API, which allows users to quickly identity potential abuse, according to the group's website. In addition, the service enables domain registrars to comply with requirements established in the Internet Corporation for Assigned Names and Numbers' (ICANN) 2013 Registrar Accreditation Agreement.
On Friday, Chris Davis, the co-founder and president of SDF, who also serves as director of partnerships at CrowdStrike, told SCMagazine.com how the organization came about.
“The problems I was having as a researcher, was that [the majority of] modern malware actors used domain names for either command-and-control infrastructure or for distributing their malware,” Davis said. Too many times, an actor whose activities had been detected would simply register another domain name to continue their attacks, he added.
“What we are striving to do with the SDF is to provide domain registrars intelligence on the attackers,” he said.
Davis led efforts to identify and dismantle the Marisposa botnet, which, at one point, consisted of 13 million infected PCs spanning 190 countries.
He added that tech companies, like Facebook and Verizon, with expansive customer bases, were just as interested in using threat information to find, and stop, scams or infections being spread by attackers.