14 June 2022
Malware Landscape 2022
Interisle Consulting Group has published a major new research report,
Malware Landscape 2022: A Study of the Scope and Distribution of Phishing.
The study, which analyzed 2.5 million records of distinct malware events from April 1, 2021 to March 31, 2022 collected by the Cybercrime Information Center,
explains what malware was most prevalent, where malware was served from, and what resources criminals used to pursue their attacks.
14 March 2022
EU High Level Internet Governance
Interisle principal Dave Piscitello presented at a recent meeting of the EU High Level Internet Governance expert group, discussing domain name abuse,
following a presentation of a Study on Domain Name System (DNS) Abuse
commissioned by the European Commission. The Phishing Landscape 2021 Study and other related Interisle studies are mentioned in the EC study.
25 February 2022
Improvements to the CyberCrime Information Center
Interisle principal Colin Strutt posted a blog entry
at the CyberCrime Information Center describing recent improvements to our cybercrime analysis. CIC is now gathering domain registration data for ccTLDs;
we've improved identification of brands targeted by phishing; and we've enhanced our ability to discern phishing domains that were registered maliciously.
6 January 2022
Interisle principal Andy Malis issued 6th US patent
Interisle principal Andy Malis is a co-author of US patent 11,201,820, issued on December 14, 2021.
The patent, "Segment Routing in MPLS Network", describes methods and devices such
as routers for performing segment routing in MPLS networks. This adds the ability for MPLS networks (including those carrying IPv4 traffic) to support network
programming and router-based network services (such as network statistics, service level verification, firewall filtering, and server load balancing),
which were previously only available when segment routing is used in a native IPv6 network.
30 November 2021
Economic impact payments (EIP) Phishing: US citizens under attack from US bases of phishing operations
Interisle Principals Dave Piscitello and Colin Strutt
report
on a prolonged phishing campaign that targets US citizens with an Economic Impact Payment (EIP) theme.
EIP phishing emails and text messages mimic correspondence to convince US citizens to submit personal information or an advance fee payment at
a bogus IRS web site. Dave and Colin analyzed 5700 links to determine where phishers were acquiring resources for their EIP phishing pages and
identified a decidedly US nexus. US citizens are largely being phished from US hosting services using US based registrars and domain names
delegated from US based Top-level domains. Dave and Colin assess the circumstances hindering takedowns of this prolonged campaign and discuss
policy and legislative activity that could be adopted to protect US citizens specifically, and all targets of phishing generally.
17 November 2021
Malware Landscape 2021
Interisle Consulting Group has published a major new research report,
Malware Landscape 2021: A Study of the Scope and Distribution of Phishing.
Interisle collected nearly 1.7 million malware reports collected from January 1, 2021 to June 30, 2021, which shows a 663% increase in malware reports in the first half of 2021.
Our analysis allowed us to understand what malware was most prevalent, where malware was served from or distributed, and what resources criminals used to pursue their attacks.
22 September 2021
Phishing Landscape 2021
Interisle Consulting Group has published a major new research report,
Phishing Landscape 2021: An Annual Study of the Scope and Distribution of Phishing.
Interisle collected nearly 1.5 million phishing reports representing approximately 700,000 unique phishing attacks from four respected threat intelligence sources
over a period of 12 months. This extensive data set formed the basis for an in-depth analysis of how and where criminals are getting the resources they use to scam
Internet users, and points to better ways to fight phishing.
1 August 2021
New Whois Survey Findings
Dave Piscitello was one of four principal investigators of a joint M3AAWG and the Anti-Phishing Working Group (APWG) survey,
ICANN, GDPR, and the WHOIS: A Users Survey — Three Years Later.
The survey asked cyber investigators and anti-abuse service providers to describe
ongoing impacts of ICANN's implementation of the EU GDPR, the Temporary Specification for gTLD Registration Data (Temporary Specification, adopted in May 2018).
28 June 2021
Domain Security Report
Interisle Consulting Group announced the publication of an industry report,
Domain Security: A Critical Component of Enterprise Risk Management.
The report describes the adverse and costly consequences when an organization becomes a victim of domain name hijackings or misuse.
Interisle recommends that organizations need to include domain names in their enterprise risk management planning and execution.
25 June 2021
Updated Phishing Activity Reports Available
Phishing activity updates for the period November 1, 2020 through January 31, 2021 are now available at the
Cybercrime Information Center.
The updates include measurements and rankings of Top-level Domains, Domain Registrars, and Hosting Networks (ASNs) for the period.
Comparisons of measurements against the prior period — May 1, 2020 through July 31, 2020 and August 1, 2020 through October 31,2020 — are also available.
9 June 2021
Andy Malis co-authors more RFCs on Deterministic Networking
Interisle partner Andy Malis participates in the Internet Engineering Task Force's Deterministic Networking (DetNet) project,
focused on deterministic data paths providing bounds on latency, loss, jitter, and high reliability. DetNet is publishing
RFCs on this topic, with Andy as co-author on some, including
RFC 9023: Deterministic Networking (DetNet) Data Plane: IP over IEEE 802.1 Time-Sensitive Networking (TSN),
RFC 9024: Deterministic Networking (DetNet) Data Plane: IEEE 802.1 Time-Sensitive Networking over MPLS,
and RFC 9037, Deterministic Networking (DetNet) Data Plane: MPLS over IEEE 802.1 Time-Sensitive Networking (TSN).
30 April 2021
Updated Phishing Activity Reports Posted
Phishing activity updates for the period August 1, 2020 through October 31, 2020 are now available at
the Cybercrime Information Center.
The updates include measurements and rankings of Top-level Domains, Domain Registrars and Hosting Networks (ASNs) for the August 1, 2020 through October 31,2020 period.
Comparisons of measurements against the prior period, May 1, 2020 through July 31, 2020 are also available.
1 March 2021
Interisle Launches the Cybercrime Information Center
Cybercrime—phishing, pharming, botnets, malware, and spam—threatens every Internet user. To fight cybercrime we need to know how criminals acquire
and use the Internet resources that enable their criminal activity. The Cybercrime Information Center
(CIC) will gather and publish the facts about cybercrime. By publishing its measurement data, the Center will identify the sources and mechanisms of
cybercrime, as defined in the Council of Europe's Budapest Convention
on Cybercrime. Researchers, governments, businesses, and others will be able to use CIC data to evaluate the policies and practices that attract and encourage
criminal activity.