16 March 2023
Interisle Welcomes New Associate Karen Rose
No, not the romantic suspense author who wrote Cold Blooded Liar-the internationally recognized Internet policy and digital economy expert
who served as Senior Director of Strategy and Analysis at the Internet Society. Karen's 30 years of public and private sector experience
and her reputation for insightful analysis of global Internet issues extend and amplify Interisle's ability to provide authoritative advice
to its clients. You can watch her describe ICANN's relationship with the U.S. Government—and her role in creating it—in
this interview for the ICANN History Project.
14 March 2023
Malware Landscape 2023
Interisle Consulting Group has published a major new research report,
Malware Landscape 2023: A Study of the Scope and Distribution of Malware.
Interisle reviewed over 7 million reports of distinct malware events from January 2022 to December 2022 collected
by the Cybercrime Information Center, examining malware that
attacks both IoT and user-attended devices ("endpoints"). This year Interisle also studied reports of malicious traffic sources:
malware that is used to scan web sites for exploitable vulnerabilities, to inject malicious content into web forms, or to conduct
denial of service attacks.
9 March 2023
Interisle's Andy Malis Awarded 7th Patent
Andy Malis was granted US Patent 11,582,148 on February 14, 2023, MPLS Extension Headers for In-Network Services. This patent describes methods and devices
(e.g., routers) that add in-network services to a multiprotocol label switching (MPLS) network. This can include an MPLS network router receiving and modifying
a packet by adding one or more MPLS extension headers, adding one or more extension header(s), and adding an indication within an MPLS label stack that one
or more MPLS extension headers have been added to the packet.
28 February 2023
Another Quarter's Malware Analyzed
Analysis of the October to December 2022 malware data from the
CyberCrime Information Center shows a 34% increase in IoT malware and a 31% increase in endpoint malware
compared to the previous quarter. Mozi is on the rise again, and vulnerability scanners are running rampant. Also noteworthy, there was a 121% increase in domains names
reported for hosting malware.
23 September 2022 (Updated 1 November)
Dave Piscitello to present at M3AAWG
Dave Piscitello will present findings and recommendations from two recent Interisle studies of phishing and malware at the M3AAWG meeting in October.
Data from three million phishing reports, as well as analysis and recommendations about two and a half million records of malware will be shared.
Update: 1 November 2022
Anne Price summarized Dave's presentation in a M3AAWG blog post,
"Coordinated Action is Needed as Phishing and Malware Attacks Skyrocket; Domains, Brands and Services Targeted".
10 August 2022
Making the Internet a More Secure Place
David Strom interviews Dave Piscitello for Czech company Avast's popular
Cybersecurity blog,
where he reviews Interisle's 2022 Phishing Landscape Study. Strom notes that "What makes [the] report
especially powerful is that it includes data from four commercial information sources" and the two Davids discuss the merits/benefits when organizations
employ more than one blocklist in their antiphishing defenses.
31 July 2022
Interview with Dave Piscitello
Interisle principal Dave Piscitello was interviewed for Authority Magazine's series
5 Things You Need To Know To Optimize Your Company's Approach to Data Privacy and Cybersecurity.
19 July 2022
Phishing Landscape 2022
Interisle Consulting Group has published a major new research report,
Phishing Landscape 2022: An Annual Study of the Scope and Distribution of Phishing.
Interisle collected more than 3 million phishing reports representing over 1.1 million phishing attacks from four respected threat intelligence sources
over a period of 12 months. This extensive data set formed the basis for an in-depth analysis of how and where criminals are getting the resources they use to scam
Internet users, and points to better ways to fight phishing.
14 June 2022
Malware Landscape 2022
Interisle Consulting Group has published a major new research report,
Malware Landscape 2022: A Study of the Scope and Distribution of Malware.
The study, which analyzed 2.5 million records of distinct malware events from April 1, 2021 to March 31, 2022 collected by the Cybercrime Information Center,
explains what malware was most prevalent, where malware was served from, and what resources criminals used to pursue their attacks.
14 March 2022
EU High Level Internet Governance
Interisle principal Dave Piscitello presented at a recent meeting of the EU High Level Internet Governance expert group, discussing domain name abuse,
following a presentation of a Study on Domain Name System (DNS) Abuse
commissioned by the European Commission. The Phishing Landscape 2021 Study and other related Interisle studies are mentioned in the EC study.
25 February 2022
Improvements to the CyberCrime Information Center
Interisle principal Colin Strutt posted a blog entry
at the CyberCrime Information Center describing recent improvements to our cybercrime analysis. CIC is now gathering domain registration data for ccTLDs;
we've improved identification of brands targeted by phishing; and we've enhanced our ability to discern phishing domains that were registered maliciously.
6 January 2022
Interisle principal Andy Malis issued 6th US Patent
Interisle principal Andy Malis is a co-author of US patent 11,201,820, issued on December 14, 2021.
The patent, "Segment Routing in MPLS Network", describes methods and devices such
as routers for performing segment routing in MPLS networks. This adds the ability for MPLS networks (including those carrying IPv4 traffic) to support network
programming and router-based network services (such as network statistics, service level verification, firewall filtering, and server load balancing),
which were previously only available when segment routing is used in a native IPv6 network.
30 November 2021
Economic impact payments (EIP) Phishing: US citizens under attack from US bases of phishing operations
Interisle Principals Dave Piscitello and Colin Strutt
report
on a prolonged phishing campaign that targets US citizens with an Economic Impact Payment (EIP) theme.
EIP phishing emails and text messages mimic correspondence to convince US citizens to submit personal information or an advance fee payment at
a bogus IRS web site. Dave and Colin analyzed 5700 links to determine where phishers were acquiring resources for their EIP phishing pages and
identified a decidedly US nexus. US citizens are largely being phished from US hosting services using US based registrars and domain names
delegated from US based Top-level domains. Dave and Colin assess the circumstances hindering takedowns of this prolonged campaign and discuss
policy and legislative activity that could be adopted to protect US citizens specifically, and all targets of phishing generally.
1 March 2021
Interisle Launches the Cybercrime Information Center
Cybercrime—phishing, pharming, botnets, malware, and spam—threatens every Internet user. To fight cybercrime we need to know how criminals acquire
and use the Internet resources that enable their criminal activity. The Cybercrime Information Center
(CIC) will gather and publish the facts about cybercrime. By publishing its measurement data, the Center will identify the sources and mechanisms of
cybercrime, as defined in the Council of Europe's Budapest Convention
on Cybercrime. Researchers, governments, businesses, and others will be able to use CIC data to evaluate the policies and practices that attract and encourage
criminal activity.