What's Happening and Interisle News Archive


What's Happening

23 October 2008
As part of its program to expand the Domain Name System (DNS) by adding new generic top-level domain names (gTLDs) alongside the familiar .COM, .ORG, and .NET, ICANN has published a draft Applicant Guidebook entitled "How to Apply for a New Generic Top-Level Domain." The Guidebook will be available for public comment for 45 days, and will be the topic of several meetings and workshops during the upcoming ICANN meeting in Cairo. ICANN expects to begin accepting applications to operate new gTLDs in mid-2009. Interisle worked with ICANN to develop the technical criteria and procedures for evaluating applications.

5 March 2008
Interisle Associate Fred Goldstein has published his latest article on the current controversy over network management practices and peer throttling—“The Dismal Reality of Internet Management”—in which he discusses the controversial practice of rate-limiting or blocking some forms of application traffic that put Comcast in the hot seat at FCC en banc hearings on Broadband Network Management Practices in Cambridge, MA on February 25 and Palo Alto, CA on April 17.

7 January 2008
Frontline Wireless has decided not to bid in the upcoming FCC auction of 700 MHz band radio spectrum. Interisle partner Lyman Chapin  is a member of Frontline’s Open Access Advisory Council.

29 November 2007
Interisle associate Fred Goldstein was on NECN last night talking about Verizon's announcement that it will adopt some of the open access features required by the FCC for part of the new 700 MHz band spectrum to be auctioned in January on its existing cellular network.

24 October 2007
Interisle Consulting Group delivered the report from its independent review of the  ICANN Nominating Committee. The report can be read and public comments can now be posted via the website at ICANN. The NomCom review workshop took place during the ICANN public meeting, Wednesday 31 October 2007; a transcript is available.

13 September 2007
Interisle principal Lyman Chapin is a candidate for election to the Board of Trustees of the American Registry for Internet Numbers (ARIN), the nonprofit corporation responsible for allocating Internet Protocol (IP) resources, including IPv4 and IPv6 addresses, within a service region that includes Canada, many Caribbean and North Atlantic islands, and the United States. Statements of support may be posted prior to the end of the voting period on 26 October 2007.

28 June 2007
The Internet Corporation for Assigned Names and Numbers (ICANN) has chosen Interisle Consulting Group to conduct an independent review of its Nominating Committee and process. The objective of the review is to determine whether the nominating committee has a continuing purpose in the ICANN structure, and if so, whether any change in structure or operations is desirable to improve its effectiveness. Interisle’s review team will include the two principals of Options for Change.

16 May 2007
Application Performance Management: Best Practices Do Work, co-authored by Interisle associate Rebecca Wetzel, appears in the May 2007 issue of Business Communications Review.

May 2007
Interisle is working with the nine cities and towns in the Metro Boston Homeland Security Region to design and deploy a resilient public safety data network (PSnet). George Fosque, the Cambridge MA Emergency Communications director who is the principal PSnet champion, described the project and what it means for public safety in Massachusetts at the IEEE Conference on Technologies for Homeland Security in Woburn, MA on May 16-17.

16 January 2007
The ICANN Board has accepted the recommendations of the first two Registry Services Technical Evaluation Panel (RSTEP) reports, denying Tralliance Corporation’s petition to insert a wildcard at the top level of the .travel domain and approving Global Name Registry’s proposal for a limited release of two-character names at the second level of the .name domain. Interisle principal Lyman Chapin chairs the RSTEP.

3 September  2006
Pocket Guide To Application Delivery Systems, co-authored by Interisle associate Rebecca Wetzel, appears in the September 2006 issue of Business Communications Review.

May 2006
A Capability Model for Enterprise Resiliency, co-authored by Chris Owens and Charles Wallen, appears in the Spring 2006 issue of the Disaster Recovery Journal. This brief article summarizes a more extensive project whose goal is to apply thinking from the disciplines of risk management and process quality improvement to the task of assessing and managing the business resiliency of an enterprise. The approach leads to pragmatic decisions that are grounded in mission, degree of risk tolerance, and other strategic fundamentals.

5 April 2006
IT Managers Weigh In On Application Performance, co-authored by Interisle associate  Rebecca Wetzel, appears in the April 2006 issue of Business Communications Review.

15-16 March 2006
Chuck Wade presented the findings and recommendations of the Financial Services Technology Consortium's Better Mutual Authentication project at the World Wide Web Consortium (W3C) Workshop Toward a More Secure Web: Transparency and Usability of Web Authentication, in New York City. The FSTC Position Paper can be downloaded from W3C's Web site here.

1 March  2006
Chuck Wade presented the work of the Financial Services Technology Consortium's Better Mutual Authentication project at the Spotlight On Multifactor Authentication meeting of the NACHA Internet Council in Dana Point, California.

27 February 2006
QoS over MPLS-The Complete Story, co-authored by Interisle associate Rebecca Wetzel, appears in the February 2006  issue of Business Communications Review.

29 January 2006
Lyman Chapin has been nominated to chair a standing technical panel of experts that will review proposals to the Internet Corporation for Assigned Names and Numbers (ICANN) for new registry services at the top level of the Domain Name System (DNS).

9 November 2005
Chuck Wade presented during the eCrime Incident Reporting session at the joint meeting of the Anti-Phishing Working Group (APWG) and the Messaging Anti-Abuse Working Group in Montreal.

4 November 2005
Lyman Chapin presented at The Progress & Freedom Foundation seminar:  "Interconnection Without Regulation: Lessons for Telecommunications Reform from Four Network Industries" in Washington, DC.

22 August 2005
Vint Cerf and Bob Kahn are the 2005 recipients of the computing profession's Nobel Prize, the ACM Turing AwardLyman Chapin moderated their dialogue-format Turing Award Lecture: Assessing the Internet: Lessons Learned, Strategies for Evolution, and Future Possibilities at the University of Pennsylvania. If you were not among the 1000+ attendees, you can view the archived webcast of the historic event.


Interisle News

31 January 2024
M3AAWG DNS Abuse Report

A new report from M3AAWG quotes from Interisle's Criminal Abuse of Domain Names report and additionally cites Interisle's Phishing Landscape 2020 report. Read their complete report at M3AAWG DNS Abuse Prevention, Remediation, and Mitigation Practices for Registrars and Registries.

23 January 2024
Trends in Spam

Analysis of spam data for September to November 2023 shows that the number of domains reported for spam declined for the third straight quarter. But that still represents over 200,000 unique spam domains each month. New gTLDs and subdomain reseller accounts continue to attract more spammers. Bulk registrations of spam domains during 2023 were unacceptably high: for the whole year, we determined that 36% of domains used in spam campaigns were registered maliciously (i.e., by spammers, for spam). It's insulting to dismiss spam emitted using these #weaponized domains as abuses. They are, or they abet, criminal acts. Read the detailed analysis at the Cybercrime Information Center.

11 January 2024
Changes in Phishing

While phishing attack volume oscillated during 2023 — down during in the February–April 2023 period, up during the May–July 2023 period and down again for the August–October 2023 period — phishing is still increasing over time. While the number of domains reported for phishing again decreased ~1%, malicious registrations increased by a troubling 22%. Meta and USPS were the most impersonated brands. Phishing domains reported in the ccTLDs dropped to 22%, well below the ~37% ccTLD market share. With Freenom out of the domain registration business, phishers are exploiting the new TLDs, particularly those with cheap registration fees. For more insights, read our Phishing Trends, including key measurements and operator rankings (TLDs, registrars, and hosters).

1 November 2023
Interisle's Andy Malis Awarded 10th Patent

Andy Malis was granted US Patent 11,792,045, Elastic VPN That Bridges Remote Islands, on October 17, 2023. This patent enables enterprise networks that employ cloud computing to offload processing tasks to third party data centers. Virtual private networking techniques can be used to securely transmit data between the enterprise networks and the data centers housing the cloud networks via the Internet. This allows enterprise users to move application functionality between data centers, for example to dynamically allocate processing power at data centers that are geographically closest to an active end user base at any specified date/time. This approach allows processing power to be dynamically allocated and deallocated to support branch office networks that rely on the enterprise network.

23 October 2023
Cybercrime Supply Chain 2023

Interisle has published a major new research report, Cybercrime Supply Chain 2023: Measurements and Assessments of Cyber Attack Resources and Where Criminals Acquire Them, finding persistent patterns of exploitation and abuse. Interisle analyzed more than 10 million cybercrime records and found distinct, persistent patterns of exploitation and abuse covering a 365-day period from September 2022 to August 2023. The report notes that current reactive efforts cannot curtail cybercrime and the harm it inflicts on Internet users, and recommends implementation of measures that, working together, policy regimes, governments, service providers, and private sector can use to disrupt the cybercrime supply chain. The study was sponsored by APWG, CAUCE, and M3AAWG.

12 October 2023
Interisle Responds to UK DSTI on Domain Abuse

Cybercrime and domain name abuse are key concerns of governments and other stakeholder worldwide. Successful mitigation of these problems will require a global, cross-sectoral approach, including appropriate action by governments. Interisle Consulting Group contributed to the UK Department for Science, Innovation and Technology's (DSTI) recent consultation Powers in Relation to UK-Related Domain Name Registries, which seeks input on policies for mitigating domain name abuse and misuse in UK-related top-level domains (TLDs). Drawing on finding from its recent Phishing Landscape 2023 report, Interisle's response underscores how effective policies and procedures must aim at preventing criminals from maliciously registering names in the first place, not just cleaning up after abuse has already occurred. It also discusses the benefits in using the Council of Europe's Convention on Cybercrime's descriptions of harmful activities as a basis for defining prohibited uses of domain names, including facilitating multi-jurisdictional abuse mitigation and enforcement. Read our full contribution.

20 September 2023
Interisle's Andy Malis Awarded 9th Patent

Andy Malis was granted US Patent 11,750,517 on September 5, 2023, Service Function Chaining Congestion Feedback. This patent adds a method of reporting downstream congestion to Service Function Chaining (SFC) as defined by the Internet Engineering Task Force (IETF). SFC enables network operators to offer various value-added services to their customers, such as deep packet inspection, parental controls, traffic optimization, and network address translation without the need for specialized network elements to provide these services. This patent extends these capabilities with the ability to report downstream congestion to upstream devices so that they may address the congestion.

9 August 2023
Phishing Landscape 2023

Interisle Consulting Group has published a major new research report, Phishing Landscape 2023: An Annual Study of the Scope and Distribution of Phishing. Interisle has collected more than 11 million phishing reports over a three-year period, showing a tripling of phishingn attacks since May 2020, and a 65% increase since the previous yearly study. The number of unique domains names continues to increase. 90% of phishing domains in new gTLDs are in just 25 new gTLDs. Two-thirds of phishing domain names were registered specifically for phishing. The report includes recommendations for registries and registrars, emphasizing that mitigation requires cross-industry collaboration. Absent effective mitigation, litigation has yielded results — when Freenom stopped offering domain names, the number of Freenom domains used for phishing plummeted.

31 May 2023
Interisle research on display at Krebs on Security

American journalist and investigative reporter Brian Krebs cited data and findings from Interisle's 2021 Phishing Landscape Study in a March 7 column, ‘Sued by Meta, Freenom Halts Domain Registrations’. Following several exchanges on Mastodon, Brian took a deeper dive into Freenom's Freefall with Interisle partners Dave Piscitello and Colin Strutt. Brian then published a follow-up piece, ‘Phishing Domains Tanked After Meta Sued Freenom, where he shares charts and trendlines prepared by Colin using data collected at the Cybercrime Information Center and observations by Dave on why legal action may be an effective recourse for brands targeted by phishers.

15 April 2023
Interisle's Andy Malis Awarded 8th Patent

Andy Malis was granted US Patent 11,616,717 on March 28, 2023, Service Function Chaining Network Services. This patent adds quality of service capabilities to Service Function Chaining (SFC) as defined by the Internet Engineering Task Force (IETF). SFC enables network operators to offer various value-added services to their customers, such as deep packet inspection, parental controls, traffic optimization, and network address translation without the need for specialized network elements to provide these services. This patent extends these capabilities with a table-driven approach to provide various qualities of service to network packets.

16 March 2023
Interisle Welcomes New Associate Karen Rose

No, not the romantic suspense author who wrote Cold Blooded Liar-the internationally recognized Internet policy and digital economy expert who served as Senior Director of Strategy and Analysis at the Internet Society. Karen's 30 years of public and private sector experience and her reputation for insightful analysis of global Internet issues extend and amplify Interisle's ability to provide authoritative advice to its clients. You can watch her describe ICANN's relationship with the U.S. Government—and her role in creating it—in this interview for the ICANN History Project.

14 March 2023
Malware Landscape 2023

Interisle Consulting Group has published a major new research report, Malware Landscape 2023: A Study of the Scope and Distribution of Malware. Interisle reviewed over 7 million reports of distinct malware events from January 2022 to December 2022 collected by the Cybercrime Information Center, examining malware that attacks both IoT and user-attended devices ("endpoints"). This year Interisle also studied reports of malicious traffic sources: malware that is used to scan web sites for exploitable vulnerabilities, to inject malicious content into web forms, or to conduct denial of service attacks.

9 March 2023
Interisle's Andy Malis Awarded 7th Patent

Andy Malis was granted US Patent 11,582,148 on February 14, 2023, MPLS Extension Headers for In-Network Services. This patent describes methods and devices (e.g., routers) that add in-network services to a multiprotocol label switching (MPLS) network. This can include an MPLS network router receiving and modifying a packet by adding one or more MPLS extension headers, adding one or more extension header(s), and adding an indication within an MPLS label stack that one or more MPLS extension headers have been added to the packet.

28 February 2023
Another Quarter's Malware Analyzed

Analysis of the October to December 2022 malware data from the CyberCrime Information Center shows a 34% increase in IoT malware and a 31% increase in endpoint malware compared to the previous quarter. Mozi is on the rise again, and vulnerability scanners are running rampant. Also noteworthy, there was a 121% increase in domains names reported for hosting malware.

23 September 2022 (Updated 1 November)
Dave Piscitello to present at M3AAWG

Dave Piscitello will present findings and recommendations from two recent Interisle studies of phishing and malware at the M3AAWG meeting in October. Data from three million phishing reports, as well as analysis and recommendations about two and a half million records of malware will be shared.
Update: 1 November 2022
Anne Price summarized Dave's presentation in a M3AAWG blog post, "Coordinated Action is Needed as Phishing and Malware Attacks Skyrocket; Domains, Brands and Services Targeted".

10 August 2022
Making the Internet a More Secure Place

David Strom interviews Dave Piscitello for Czech company Avast's popular Cybersecurity blog, where he reviews Interisle's 2022 Phishing Landscape Study. Strom notes that "What makes [the] report especially powerful is that it includes data from four commercial information sources" and the two Davids discuss the merits/benefits when organizations employ more than one blocklist in their antiphishing defenses.

31 July 2022
Interview with Dave Piscitello

Interisle principal Dave Piscitello was interviewed for Authority Magazine's series 5 Things You Need To Know To Optimize Your Company's Approach to Data Privacy and Cybersecurity.

19 July 2022
Phishing Landscape 2022

Interisle Consulting Group has published a major new research report, Phishing Landscape 2022: An Annual Study of the Scope and Distribution of Phishing. Interisle collected more than 3 million phishing reports representing over 1.1 million phishing attacks from four respected threat intelligence sources over a period of 12 months. This extensive data set formed the basis for an in-depth analysis of how and where criminals are getting the resources they use to scam Internet users, and points to better ways to fight phishing.

14 June 2022
Malware Landscape 2022

Interisle Consulting Group has published a major new research report, Malware Landscape 2022: A Study of the Scope and Distribution of Phishing. The study, which analyzed 2.5 million records of distinct malware events from April 1, 2021 to March 31, 2022 collected by the Cybercrime Information Center, explains what malware was most prevalent, where malware was served from, and what resources criminals used to pursue their attacks.

14 March 2022
EU High Level Internet Governance

Interisle principal Dave Piscitello presented at a recent meeting of the EU High Level Internet Governance expert group, discussing domain name abuse, following a presentation of a Study on Domain Name System (DNS) Abuse commissioned by the European Commission. The Phishing Landscape 2021 Study and other related Interisle studies are mentioned in the EC study.

25 February 2022
Improvements to the CyberCrime Information Center

Interisle principal Colin Strutt posted a blog entry at the CyberCrime Information Center describing recent improvements to our cybercrime analysis. CIC is now gathering domain registration data for ccTLDs; we've improved identification of brands targeted by phishing; and we've enhanced our ability to discern phishing domains that were registered maliciously.

6 January 2022
Interisle principal Andy Malis issued 6th US patent

Interisle principal Andy Malis is a co-author of US patent 11,201,820, issued on December 14, 2021. The patent, "Segment Routing in MPLS Network", describes methods and devices such as routers for performing segment routing in MPLS networks. This adds the ability for MPLS networks (including those carrying IPv4 traffic) to support network programming and router-based network services (such as network statistics, service level verification, firewall filtering, and server load balancing), which were previously only available when segment routing is used in a native IPv6 network.

30 November 2021
Economic impact payments (EIP) Phishing: US citizens under attack from US bases of phishing operations

Interisle Principals Dave Piscitello and Colin Strutt report on a prolonged phishing campaign that targets US citizens with an Economic Impact Payment (EIP) theme. EIP phishing emails and text messages mimic correspondence to convince US citizens to submit personal information or an advance fee payment at a bogus IRS web site. Dave and Colin analyzed 5700 links to determine where phishers were acquiring resources for their EIP phishing pages and identified a decidedly US nexus. US citizens are largely being phished from US hosting services using US based registrars and domain names delegated from US based Top-level domains. Dave and Colin assess the circumstances hindering takedowns of this prolonged campaign and discuss policy and legislative activity that could be adopted to protect US citizens specifically, and all targets of phishing generally.

17 November 2021
Malware Landscape 2021

Interisle Consulting Group has published a major new research report, Malware Landscape 2021: A Study of the Scope and Distribution of Phishing. Interisle collected nearly 1.7 million malware reports collected from January 1, 2021 to June 30, 2021, which shows a 663% increase in malware reports in the first half of 2021. Our analysis allowed us to understand what malware was most prevalent, where malware was served from or distributed, and what resources criminals used to pursue their attacks.

22 September 2021
Phishing Landscape 2021

Interisle Consulting Group has published a major new research report, Phishing Landscape 2021: An Annual Study of the Scope and Distribution of Phishing. Interisle collected nearly 1.5 million phishing reports representing approximately 700,000 unique phishing attacks from four respected threat intelligence sources over a period of 12 months. This extensive data set formed the basis for an in-depth analysis of how and where criminals are getting the resources they use to scam Internet users, and points to better ways to fight phishing.

1 August 2021
New Whois Survey Findings

Dave Piscitello was one of four principal investigators of a joint M3AAWG and the Anti-Phishing Working Group (APWG) survey, ICANN, GDPR, and the WHOIS: A Users Survey — Three Years Later. The survey asked cyber investigators and anti-abuse service providers to describe ongoing impacts of ICANN's implementation of the EU GDPR, the Temporary Specification for gTLD Registration Data (Temporary Specification, adopted in May 2018).

28 June 2021
Domain Security Report

Interisle Consulting Group announced the publication of an industry report, Domain Security: A Critical Component of Enterprise Risk Management. The report describes the adverse and costly consequences when an organization becomes a victim of domain name hijackings or misuse. Interisle recommends that organizations need to include domain names in their enterprise risk management planning and execution.

25 June 2021
Updated Phishing Activity Reports Available

Phishing activity updates for the period November 1, 2020 through January 31, 2021 are now available at the Cybercrime Information Center. The updates include measurements and rankings of Top-level Domains, Domain Registrars, and Hosting Networks (ASNs) for the period. Comparisons of measurements against the prior period — May 1, 2020 through July 31, 2020 and August 1, 2020 through October 31,2020 — are also available.

9 June 2021
Andy Malis co-authors more RFCs on Deterministic Networking

Interisle partner Andy Malis participates in the Internet Engineering Task Force's Deterministic Networking (DetNet) project, focused on deterministic data paths providing bounds on latency, loss, jitter, and high reliability. DetNet is publishing RFCs on this topic, with Andy as co-author on some, including RFC 9023: Deterministic Networking (DetNet) Data Plane: IP over IEEE 802.1 Time-Sensitive Networking (TSN), RFC 9024: Deterministic Networking (DetNet) Data Plane: IEEE 802.1 Time-Sensitive Networking over MPLS, and RFC 9037, Deterministic Networking (DetNet) Data Plane: MPLS over IEEE 802.1 Time-Sensitive Networking (TSN).

30 April 2021
Updated Phishing Activity Reports Posted

Phishing activity updates for the period August 1, 2020 through October 31, 2020 are now available at the Cybercrime Information Center.
The updates include measurements and rankings of Top-level Domains, Domain Registrars and Hosting Networks (ASNs) for the August 1, 2020 through October 31,2020 period.
Comparisons of measurements against the prior period, May 1, 2020 through July 31, 2020 are also available.

13 March 2021
Academic Research Corroborates Interisle Study Findings

A large-scale systematic measurement study to quantify the changes made by WHOIS providers in response to the GDPR was presented at The Network and Distributed System Security Symposium (NDSS) on 22 February. Using a collection of 1.2 billion WHOIS records spanning two years and software they developed to automate compliance checking, the researchers found levels of WHOIS redaction beyond what the GDPR would require that corroborate the findings of Interisle's recent WHOIS Contact Data Availability and Registrant Classification Study.

1 March 2021
Interisle Launches the Cybercrime Information Center

Cybercrime—phishing, pharming, botnets, malware, and spam—threatens every Internet user. To fight cybercrime we need to know how criminals acquire and use the Internet resources that enable their criminal activity. The Cybercrime Information Center (CIC) will gather and publish the facts about cybercrime. By publishing its measurement data, the Center will identify the sources and mechanisms of cybercrime, as defined in the Council of Europe's Budapest Convention on Cybercrime. Researchers, governments, businesses, and others will be able to use CIC data to evaluate the policies and practices that attract and encourage criminal activity.

25 January 2021
WHOIS Contact Data 2021

Interisle Consulting Group has published a major new research report, the WHOIS Contact Data Availability and Registrant Classification Study. The report presents an in-depth analysis of how contact data for Internet domain names–which make all web sites, email, and apps work–has disappeared from public access, impeding cybercrime investigation, consumer protection, Internet security, and online commerce.

23 January 2021
Andy Malis co-authors two RFCs on Deterministic Networking

Interisle partner Andy Malis participates in IETF's Deterministic Networking (DetNet) project, which focuses on deterministic data paths providing bounds on latency, loss, jitter, and high reliability. DetNet is publishing a set of RFCs on this topic, with Andy as co-author on some. Recently published include RFC 8938: Deterministic Networking (DetNet) Data Plane Framework and RFC 8964: Deterministic Networking (DetNet) Data Plane: MPLS.

1 January 2021
Interisle welcomes new Partner Andy Malis

Andy Malis, a well-known and widely respected contributor to the development of telecommunications technology and the Internet for over 40 years, joins Interisle as a Partner. He brings to Interisle extensive experience in networking protocol architecture and evolution, product architecture and strategic planning, service provider network planning, and technology transfer, and a strong reputation for leadership in international standardization bodies (including the IETF, Broadband Forum, ITU-T,and Open Networking Foundation), standards authorship, and chairing and speaking roles at conferences and other industry events. Andy is the author or co-author of more than 40 IETF RFCs and Internet drafts, and currently co-chairs the IETF's Pseudowire And LDP-enabled Services (PALS) working group. Learn more about Andy on our About Us page.

13 October 2020
Phishing Landscape 2020

Interisle Consulting Group has published a major new research report, Phishing Landscape 2020: A Study of the Scope and Distribution of Phishing.
Interisle collected data about phishing attacks from four respected threat intelligence sources over a period of three months, learning about more than 100,000 newly discovered phishing sites. This extensive data set formed the basis for an in-depth analysis of how and where criminals are getting the resources they use to scam Internet users, and points to better ways to fight phishing.

July 2020
Disinformation and the 2020 Election

Dave Piscitello was again a guest on the Unsung Cyber Hero Adventure TV Network for an episode entitled The 2020 Election & Disinformation: Is Our Democracy Under Attack!. Appearing with Dave was fellow cyber investigator, John Bambenek, who is a visiting lecturer at University of Illinois. Also appearing was Llewelyn King, the Co-creator and host of the PBS Show, The White House Chronicles. Host Gary Berman focused the discussion on a range of interrelated topics.

June 2020
Ransomware Exposed on Unsung Cyber Hero Adventures TV Network

Interisle principal Dave Piscitello and fellow guest Christiaan Beek of McAfee share experiences dealing with ransomware and related cybercrime during this Unsung Cyber Hero Adventures TV episode. Dave and Christiaan explain what ransomware is, how it's delivered, which sectors are the MOST vulnerable to ransomware and why, and how individuals, small businesses and large organizations should contend with it. They also share how cyber criminals are leveraging Covid-19 to deploy ransomware and answer the thorny question, “should a victim pay the ransom?”

May 2020
Internet Infrastructure Coalition responds to Interisle's domain registration data report

On April 28 the Internet Infrastructure Coalition (i2Coalition) published comments on the Interisle Report “Domain Registration Data at a Crossroads.” The Coalition “objects to the flawed conclusions drawn by” the report and charges that it “establishes a false framework as the basis from which it assesses registrars.” They conclude that “[t]he report reads more like the promotion of specific agendas, including on policy development work in the context of the ICANN EPDP, rather than solutions.”
Interisle stands by its report and will entertain and review any data or equivalent analyses provided by the Coalition that would influence its findings or recommendations.

March 2020
Interisle releases report on domain registration data

Internet users of all kinds rely on public domain name registration data services ("Whois") to obtain accurate and up-to-date operational and registration information for vital and legitimate purposes. Over the last two years, access to domain name registration data has been drastically curtailed as a result of ICANN policies, data privacy laws, and due to practices by registrars and registry operators.
Interisle studied domain registration data, measuring the effectiveness and impact of ICANN's registration data access policies and procedures by examining the practices of 23 registrars, which collectively sponsor more than two-thirds of the registrations in the generic top-level domains (gTLDs). It determined whether they comply with ICANN's policies and related contractual obligations, and also to the European Union's General Data Protection Regulation (EU GDPR).
You can read the Full Report, just the Executive Summary, or the Press Release.

March 2020
The business of domain names

John McCormac cites data from Interisle's report on Criminal Abuse of Domain Names in his November 2019 book Domnomics: The business of domain names. The book presents a comprehensively data-driven indictment of the domain name industry and ICANN's failure to recognize and respond to its abuses. [Note: Interisle receives no compensation of any kind for this or any other referral click-through.]

October 2019
Interisle releases report on criminal domain abuse

Interisle studied the impact of bulk registration of domain names and how they aid cybercriminals with malware, ransomware, phishing, botnets and spam attacks.
In the report, we studied "bulk registration misuse" by criminal actors. Bulk registrations refers to the practice of rapidly acquiring domain names, using these in an attack, and abandoning them as if they were throw-away ("burner") phones. These domains are a critical resource for cybercriminals. 
You can read the full report: Criminal Abuse of Domain Names or just the Executive Summary.

September 2019
ICANN must do more to fight Internet security threats

ICANN is conducting a distracting debate about the kinds of events that should be described as “DNS abuse”. The instigators of this debate hope to relieve ICANN and its constituencies of responsibility for the way in which identifiers are used to inflict harm on internet users.
However convenient it may be, it is fundamentally wrong. Harmful content itself is not ICANN's concern; the way in which Internet identifiers are used to weaponize harmful content most certainly is. This falls squarely within ICANN's Bylaws obligation to operate “for the benefit of the Internet community as a whole”.
In this DomainIncite guest post, Lyman Chapin and Dave Piscitello discuss why ICANN's remit extends broadly to how a domain name (or other Internet identifier) is misused to point to or lure a user or application to content that is harmful, or to host content that is harmful. Lyman and Dave offer a pragmatic resolution to the terminology debate: adopt a term, "security threat", that is already widely used within and outside ICANN community. Use the time otherwise wasted in a pointless terminology debate to come to terms with a remit they have studiously avoided: adopt an international treaty definition for cybercrimes and collaborate with public and private sector authorities to disrupt or mitigate these threats.

September 2019
Dave Piscitello to speak at the APWG EU eCrime Research Symposium

Dave has been invited to speak at the APWG EU eCrime Research Symposium in Barcelona, Spain. The abstract for his presentation, "Expanding the scope of blocklisting to improve risk-based threat mitigation" is posted at here.

August 2019
Corroborating community complaints about ICANN's CZDS approval process

Dave Piscitello ran a simple experiment to investigate complaints regarding the approvals process for ICANN's Centralized Zone Data Service (CZDS). He applied for all Top-level domains (TLDs) available from the CZDS on May 28 2019 to observe how promptly registries respond to approval requests. The approval process should be a simple check and sign off: it is for many registry operators but for others, the wait can be significant. Read more on Dave's blog.

June 2019
Whois is lost

In the aftermath of GDPR's establishment, ICANN's policies for access to domain registration data (Whois) have created adverse consequences for investigations into terrorist activities, political influence campaigns and cybercrimes, creating serious threats to public safety. In this APWG monograph, APWG Board Member and Interisle Principal Dave Piscitello explains exactly how Whois data is employed during preventative and forensic cyber investigations — and how ICANN's interpretation of GDPR in particular also delays development of programmatic machine-driven responses that are widely used to maintain public safety and are vital to the long-term viability of the Internet as a governable domain.

May 2019
EU Directive on Security of Network and Information Systems

European Union Directive 2016/1148 (NIS) is the first EU-wide legislation on cybersecurity. Although the EU's General Data Protection Regulation (GDPR) has received almost all of the world's attention, the impact of the NIS on network operators is potentially far greater. Interisle's Jim Reid presented On the Implementation of the EU NIS Directive at the ICANN DNS Symposium on 10 May 2019; it's an excellent introduction to the Directive and its consequences. You can listen to Jim's presentation here until June 13, 2019

May 2019
Network Collective Podcast on EU GDPR

The European general data protection regulation (GDPR) went into effect nearly a year ago. The regulation applies to EU citizens and residents, but the adoption of the regulation and subsequent compliance implementations impact cybersecurity and influence business practices globally. In this podcast episode, Dave Piscitello, Brian Honan, and host Russ White discuss how the regulation has influenced risk assessment for businesses that process personal data and highlight unintended consequences resulting from efforts to comply with the regulation. Listen to Episode 50 — GDPR

April 2019
Pioneers in Skirts

Dave Piscitello recently had the opportunity to preview Pioneers in Skirts, a character-driven documentary addressing gender bias. By revealing how women have overcome bias to succeed when circumstances conspire against them, the movie seeks to encourage cultures worldwide to adopt gender parity.
We at Interisle believe that Pioneers in Skirts is an important film for every work environment, a film that speaks to the issues present in the producers work world and beyond. Please read Dave's call to support Pioneers in Skirts.

February 2019
Dave Piscitello receives the M3AAWG 2019 Mary Litynski Award

The Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) announced today that Interisle partner Dave Piscitello is the recipient of the 2019 Mary Litynski Award, which recognizes "the lifetime achievements of an individual who has significantly contributed to making the Internet safer, working far from the public eye over a significant period of time for the greater good." The Award was presented at the 45th M3AAWG meeting in San Francisco.

February 2019
APWG Publishes 2019 Mission Statement

The Anti-Phishing Working Group (APWG) has published its Mission Statement: "2019: A Critical Year for Privacy Rights, Data Protection and Public Safety", written by Interisle partner Dave Piscitello on behalf of the APWG Board of Directors.

February 2019
CAUCE welcomes Dave Piscitello to Board of Directors

The Coalition Against Unsolicited Commercial Email (CAUCE) announced the addition of Dave Piscitello to the Board of Directors. Dave's field and policy experience with exposing and mitigating the exploitation of domain names and the domain name system (DNS) by spammers, cyber-attackers, and cyber-criminals complements the law enforcement, threat research, and email abuse skill sets already present on the board. He will work with CAUCE to raise cross-community awareness of abuses and misuses of domain names and the DNS by studying and calling attention to policy vacuums and weaknesses, by promoting abuse reporting systems that can help governance bodies and lawmakers make informed decisions, and by delivering DNS investigations training programs for law enforcement.

July 2018
Dave Piscitello to join Interisle

David Piscitello, a widely respected security and cybercrime expert with an international reputation fighting criminal abuse of the Internet and its Domain Name System (DNS), will join Interisle Consulting Group upon his retirement from the International Corporation for Assigned Names and Numbers (ICANN). He brings 40 years of experience with network security practices; cybercrime policy, mitigation, and response; and DNS abuse investigation training. For more information about Dave, see his brief bio or check out his recent publications at The Security Skeptic.

January 2018
Why People Hate ISPs

Underlying the debate on "network neutrality" is a pervasive negative attitude in the US towards ISPs. Interisle principal Fred Goldstein has written an article on this topic on TMCnet.

October 2017
Interisle presentation on Title II options at WISPAPALOOZA

Interisle partner Fred Goldstein presented a talk at the Wireless ISP Assocation's WISPAPALOOZA event in October, 2017. He suggests that the debate over whether or not to apply Title II regulation to ISPs is addressing the wrong questions, and that a layered approach would not only be superior, but is what the law actually intended.
See the slides from his presentation.

September 2017
Interisle Selected for ICANN Review of RSSAC

The Internet Corporation for Assigned Names and Numbers (ICANN) has appointed Interisle Consulting Group to conduct an independent review of the Root Server System Advisory Committee (RSSAC). The RSSAC serves to advise the ICANN community and ICANN Board on matters relating to the operation, administration, security, and integrity of the Internet's Root Server System.
Read the ICANN announcement.

July 2017
Interisle Filing to FCC on Network Neutrality

The FCC is now seeking to roll back its 2015 decision to impose Title II regulation on Internet services. Interisle supports removing Title II regulation from ISP services per se but not from the underlying transmission services of large carriers. We propose a set of safe harbors by which these large vertically-integrated ISPs could either offer their transmission services separately or provide a fully-neutral IP service to a point where others can interconnect. If they choose neither option, they should be required to live up to the "four freedoms" of Internet openness.
Read Interisle's full filing.

April 2017
New Associate: Ralph Droms

We are pleased to welcome Ralph Droms as a new Interisle associate.

October 2016
Trends for Wireless ISPs

Interisle's Fred Goldstein delivered a presentation forecasting long-term technical and regulatory trends for the wireless ISP industry at WISPAPALOOZA 2016, the wireless ISP industry's premier trade show.

August 2016
"Community Broadband Bits" Podcast

The second episode of Fred Goldstein's podcast is now available: Just What is the Internet?.

August 2016
"Community Broadband Bits" Podcast

Chris Mitchell of the Institute for Local Self-Reliance interviewed Interisle's Fred Goldstein for his Community Broadband Bits podcast last month. The first of two episodes is available: Smart FCC Decisions Helped Create the Internet.

June 2016
Interisle Selected as FCC Technical Consultant for WISPA

Interisle has been selected by the Wireless ISP Association (WISPA) as their FCC Technical Consultant. This effort, led by Interisle partner Fred Goldstein, involves working with the wireless ISP industry to ensure that their needs are understood by the FCC, and to help the WISP membership with their FCC compliance. WISPA has over 800 members, mostly small businesses, serving millions of customers across the United States, largely in rural areas not served by larger providers.

April 2016
Interisle's Work on Hybrid Broadband Access

Interisle partner Fred Goldstein is cited in an article in the Greenfield, MA "The Recorder" referring to the work he is doing with a number of towns in Western Massachusetts, and New Hampshire to determine the most cost-effective approach to provide broadband access to un-served and under-served communities using a combination of fiber and wireless technologies.

March 2015
Reserved Top Level Domains Proposed

Recent reports by Interisle and others describe the risks associated with the delegation of top-level domain names (TLDs that have previously been used to anchor locally-defined private naming schemes (e.g., Microsoft Active Directory domains)—a scenario commonly referred to as name collision. Three names are identified as particularly risky in the studies by Interisle, JAS Advisors, and ICANN's Security and Stability Advisory Committee (SSAC): home, corp, and mail. Permanent reservation of these three names has been proposed to the Internet Engineering Task Force (IETF) by Interisle partner Lyman Chapin and his colleague Mark McFadden of InterConnect Communications in an Internet Draft that will be discussed at the upcoming IETF meeting in Dallas.

December 2014
Interisle Prepares for OECD Ministerial

The Internet Society coordinates the Internet Technical Advisory Committee (ITAC) for the Organisation for Economic Co-operation and Development (OECD). In preparation for the OECD Ministerial meeting in Mexico City in 2016, Interisle partner Lyman Chapin writes in the latest ITAC newsletter about The Open Internet, and why it is "more than just a good idea." We've all used the term Open Internet so often, in so many different contexts, that we tend to assume that everyone knows what it means—and that it means the same thing to everyone. But some people think that having an "open Internet" is the same as having "network neutrality," and others think that an "open Internet" is simply an anarchy in which the rule of law and other norms of human behavior don't apply. Neither viewpoint captures the essential properties of openness that make the Internet such a uniquely valuable platform for social and economic growth.

December 2014
Interisle Contributes to Ofcom Report

Interisle partner Colin Strutt, working with Jim Reid (RTFM), produced the report on UK IPv4 and IPv6 address allocations for, and now published by, Ofcom, the UK communications regulator. Portions of the report were included in the larger Ofcom Infrastructure Report 2014.

October 2014
Interisle Presents at WISPA Convention

Interisle partner Fred Goldstein spoke at WISPAPALOOZA, the annual convention of the Wireless ISP Association (WISPA), in Las Vegas. His topics included hybrid fiber-wireless networks and opportunities for WISPs selling to local governments. Both drew upon Interisle's experiences managing PSnet for the Metro Boston Homeland Security Region. He also joined attorney Steve Coran in a presentation on Network Neutrality, a subject in which the interests of small ISPs, and their customers, are often overlooked. Interisle looks forward to working with more members of the Wireless ISP community in the future.

March 2014
Name Collisions at WPNC

Interisle partner Colin Strutt has been invited to present at the Workshop and Prize on Root Causes and Mitigation of Name Collisions (WPNC) 8–10 March 2014 in London. The title of his talk is "Looking at corp.com as a proxy for .corp" where he presents results of analyzing name collisions in DNS queries to corp.com and suggests approaches for ISPs and similar organizations to prepare to support users before and after delegation of new gTLDs.

February 2014
Streaming Video and the Internet

Video now constitutes as much as half of consumer Internet traffic, and is growing rapidly. This puts pressure on ISPs, leading to peering disputes and other issues with the video providers, notably Netflix. Interisle partner Fred Goldstein explores why streaming video is not just another application in his article "Streaming Video Isn't Playing Nice With the Internet".

February 2014
Why the Internet is, by Definition, Ungovernable

Following on from his presentation "Internet by Definition" at the e-Conference "Is There A Third Way For The Internet: Neither The US Nor The UN But Independence?", Interisle partner Fred Goldstein expanded this into an article on the subject, "Why the Internet is, by Definition, Ungovernable".

January 2014
Name Collisions at Domain pulse

Interisle partner Colin Strutt has been invited to present at Domain pulse 2014 (being held 20–21 February 2014 in Salzburg, Austria) on the results of the Name Collision Study that Interisle conducted for ICANN.

November 2013
Internet by Definition

On November 12, Interisle partner Fred Goldstein was a panelist in the e-Conference "Is There A Third Way For The Internet: Neither The US Nor The UN But Independence?", sponsored by the Columbia Institute for Tele-Information (CITI) of the Columbia University Business School.
His presentation "Internet by Definition" (which begins around 1:07:50) explained why the Internet, as a set of voluntary agreements, cannot actually be governed, though its participants may trust coordination functions, which are essentially consultative.

August 2013
Interisle's DNS Name Collision Report Posted

Interisle's report on Name Collision in the DNS has been posted by ICANN.

August 2013
Interisle provided input to the FCC

Interisle partner Fred Goldstein has filed these Comments with the FCC in the recent docket concerning whether, or how, non-carrier Interconnected Voice over IP service providers should have direct access to telephone numbers. He points out how some of the suggested methods could have a destabilizing effect on the public switched telephone network.

May 2013
Interisle report on Barnstable County IT & Telecomms survey published

The Cape Cod Economic Development Council published Interisle's report on a 2012 survey of Barnstable County IT and Telecommunications. You can read more about the CCEDC project at their website.

November 2012
Support for the FCC's Open Internet Order

Interisle partner Lyman Chapin is one of the Internet engineers and technologists who have filed a brief amicus curiae supporting affirmation of the FCC's 21 December 2010 Open Internet Order, which has been challenged by Verizon and MetroPCS in the United States Court of Appeals for the District of Columbia Circuit. The summary of the argument presented in the brief begins "The Internet's remarkable ability to generate innovation, investment, and economic growth is a product of its openness."

June 2012
Interisle's WHOIS Survey Report Posted

Interisle's report on the WHOIS Proxy/Privacy Reveal & Relay feasibility survey has been posted by ICANN.

April 2012
Interisle Will Evaluate Applications for New Internet Top-Level Domains

ICANN is preparing to add hundreds of new top-level domains (TLDs) to the DNS, and Interisle will be evaluating each one to be sure that the proposed TLD name and registry services don't jeopardize Internet security or stability. Interisle was selected as the Registry Services and DNS Stability evaluator last November, and will begin work on the first batch of applications on June 12. New TLDs that pass all of the evaluations will begin to appear in the DNS in mid-2013.

November 2011
Interisle welcomes Fred Goldstein as a new Principal. Fred has already been working with Interisle for many years. He adds his extensive experience to Interisle, particularly in the telecommunications space.

June 2011
Interisle Consulting Group Selected to Conduct Survey to Identify Potential Participants for a gTLD Whois “Relay” and “Reveal” Study

June 17 — ICANN has engaged Interisle Consulting Group to survey gTLD domain name registrants, registrars, and privacy and proxy service providers regarding their willingness and ability to participate in future Whois Relay and Reveal studies. The survey will gauge the willingness and ability of request originators, privacy/proxy providers, and registrars to participate in future studies, by identifying factors that would facilitate or inhibit their participation and by developing a list of individuals and organizations potentially willing to participate. Jim Reid of RTFM Ltd. will collaborate with Interisle on this project.

February 2011
Interisle and Galaxy continue to support the Metro Boston Homeland Security Region in the ongoing evolution of their regional network to support public safety organizations, or "PSnet." We are currently working on an extension of PSnet Phase 4 to complete integration with the region's Critical Infrastructure Monitoring System (CIMS) microwave network, including security hardening and improvements in maintainability. The goals are to continue to drive down future recurring costs while providing a highly resilient, high capacity network that leverages both fiber optic and microwave communications in a complementary manner. Network capacity continues to increase as new links are added into the backbone while overall resilience and survivability improves. Enhancements to network monitoring and management are being used to improve security and maintainability, while also supporting day-to-day operations and future planning.

October 2008
Phase 3 of the PSnet project is now under way. Interisle, operating with partner Galaxy Internet Services, will will be providing expertise in several technical, policy, and governance areas related to this effort, under which nine municipalities in greater Boston are collaborating, together with State and Federal agencies, universities, and other nongovernmental organizations, to build and operate a high-quality regional network supporting public safety applications. PSnet applies many of the technical and governance principles underlying the public Internet to create a flexible, dynamic network by interconnecting existing and planned networks within a unified policy, operational, and governance framework.

September 2008
Interisle has completed a comprehensive review of the African Network Operators Group (AfNOG), a forum for technical coordination and cooperation among African Internet service providers and network engineers from the region’s universities, research institutions, and industry. The review affirms AfNOG's extraordinary success over the past nine years in fulfilling its core mission: improving the accessibility and value of the Internet in Africa by training engineers and nurturing a collaborative community of networking experts. It also identifies potential impediments to future growth and effectiveness, and recommends steps that AfNOG's organizers and supporters could take to avoid them.

March 2008
Chuck Wade has developed a spreadsheet tool for IP address planning and inventory tracking. It supports supernetting and subnetting, and can be used by merely entering CIDR values. It detects errors, and eliminates the tedium of converting between binary and dotted decimal notations. You can get more information and download this tool as an Excel workbook from this page.

March 2008
The MIT Kerberos Consortium has engaged Interisle to develop whitepapers and technical best practices documentation for the growing community of Kerberos users and developers. Kerberos is widely used as a single sign-on authentication solution for both users and services, and it also plays an important role in several emerging technologies. As the Kerberos community expands, and more system administrators work with Kerberos in mixed platform environments, there is greater need for sound guidance on best practices for deploying and managing Kerberos-based security solutions.

January  2008
Interisle will work with ICANN and Deloitte Audit & Enterprise Risk Services (Belgium) to develop criteria and procedures for evaluating applications for new generic top-level domain names (gTLDs). Existing gTLDs include .com, .net, and .org; the term "generic" distinguishes these domains from those based on country codes, such as .br (Brazil) and .jp (Japan). ICANN's Generic Names Supporting Organisation (GNSO) approved policies for the introduction of new gTLDs on 6 September 2007; ICANN is expected to begin processing new gTLD applications in mid-2008.

August  2007
In cooperation with The National Clearing House and MorSecure, Interisle principal Colin Strutt edited Parts 2 and 3 of the X9AB WG17 ANSI Draft Standard for Trial Use X9.100-172, “Specifications for the Validation of Interoperable Check Security Feature (ICSF)”, which was approved by the X9 and ANSI boards on 10 August 2007.

April  2007
Interisle principal Lyman Chapin has served for the past 13 years as the USA and ACM representative to the communication systems technical committee of the International Federation for Information Processing (IFIP TC6). His most recent report appears in the April 2007 issue of the ACM SIGCOMM Computer Communication Review.

January 2007
Interisle associate Joel Halpern is working in the Internet Engineering Task Force (IETF) on a Forwarding and Control Element Separation (ForCES) protocol, which defines a standard communication and control mechanism through which a network Control Element (CE) can control the behavior of a network Forwarding Element (FE). His latest Internet Draft is draft-halpern-forces-lfblibrary-vpn-00.

March 2006
Lyman Chapin has been appointed to chair a standing technical panel of experts that will review proposals to the
Internet Corporation for Assigned Names and Numbers (ICANN) for new registry services at the top level of the Domain Name System (DNS).

November 2005
Interisle is providing project management and thought leadership to a number of efforts being conducted under the auspices of the Financial Services Technology Consortium (FSTC). These projects include:

August 2005
The Internet Society (ISOC) was established in 1992 to promote the open development, evolution, and use of the Internet for the benefit of all people throughout the world. Lyman Chapin, who is also one of ISOC's co-founders, recently developed a new Strategic Operating Plan for the Society, which was adopted by the ISOC Board of Trustees on August 5th, 2005.

Privacy Statement

© Interisle Consulting Group