The research that we conduct for clients frequently leads to insights with lasting significance.
Our knowledge base spans a very wide range of subjects that inform our system-level approach to resilience. We've captured insights of particularly lasting significance in a series of Interisle white papers.
Cybercrime Supply Chain 2024: Measurements and Assessments of Cyber Attack Resources and Where Criminals Acquire Them
Interisle researchers, using data from the Cybercrime Information Center, analyzed more than 10 million cybercrime records and found distinct, persistent patterns of exploitation and abuse covering a 365-day period from September 2022 to August 2023.
Phishing Landscape 2024: An Annual Study of the Scope and Distribution of Phishing
Interisle’s fourth annual study examines nearly four million phishing reports collected from May 2023 to April 2024 and provides historical measurements using over 15 million phishing reports collected at the Cybercrime Information Center over a four year period.
Cybercrime Supply Chain 2023: Measurements and Assessments of Cyber Attack Resources and Where Criminals Acquire Them
Interisle researchers, using data from the Cybercrime Information Center, analyzed more than 10 million cybercrime records and found distinct, persistent patterns of exploitation and abuse covering a 365-day period from September 2022 to August 2023.
Phishing Landscape 2023: An Annual Study of the Scope and Distribution of Phishing
The study, which analyzes over 3 million phishing reports representing over 1.1 million phishing attacks, shows that phishing increased by 61% over the period 1 May 2021 through 30 April 2022.
Malware Landscape 2023: A Study of the Scope and Distribution of Malware
Interisle reviewed over 7 million reports of distinct malware events from January 2022 to December 2022 collected by the Cybercrime Information Center, examining malware that attacks both IoT and user-attended devices ("endpoints"). This year Interisle also studied reports of malicious traffic sources: malware that is used to scan web sites for exploitable vulnerabilities, to inject malicious content into web forms, or to conduct denial of service attacks.
Phishing Landscape 2022: An Annual Study of the Scope and Distribution of Phishing
The study, which analyzes over 3 million phishing reports representing over 1.1 million phishing attacks, shows that phishing increased by 61% over the period 1 May 2021 through 30 April 2022.
Malware Landscape 2022: A Study of the Scope and Distribution of Malware
Interisle researchers analyzed 2.5 million records of distinct malware events from April 1, 2021 to March 31, 2022 collected by the Cybercrime Information Center, to identif what malware was most prevalent, where malware was served from, and what resources criminals used to pursue their attacks. The study provides yearly and year-over-year measurements.
Malware Landscape 2021: A Study of the Scope and Distribution of Malware
The study, which analyzes nearly 1.7 million malware reports collected from January 1, 2021 to June 30, 2021, shows a 663% increase in malware reports in the first half of 2021. Our analyses identify what malware was most prevalent, where malware was served from or distributed, and what resources criminals used to pursue their attacks
Phishing Landscape 2021: An Annual Study of the Scope and Distribution of Phishing
Phishing continues to pose a significant threat to millions of Internet users. This study, which analyzes nearly 1.5 million phishing reports representing 700,000 phishing attacks, shows that phishing increased by nearly 70% over the period 1 May 2020 through 30 April 2021. The study also reports that most phishing occurs on domains purposely (maliciously) registered for phishing attacks.
Domain Security: A Critical Component of Enterprise Risk Management
This report describes the adverse and costly consequences when an organization becomes a victim of domain name hijackings or misuse. Interisle recommends that organizations need to include domain names in their enterprise risk management planning and execution. Interisle's analysts describe incidents where major corporations, government agencies, financials, or crypto-currency exchanges fell victim to domain theft or “hijackings.” The research indicates that such hijacking incidents occur with disturbing frequency, even among the large enterprises or government services across the globe.
WHOIS Contact Data Availability and Registrant Classification Study
The report presents an in-depth analysis of how contact data for Internet domain names — which make all web sites, email, and apps work-has disappeared from public access, impeding cybercrime investigation, consumer protection, Internet security, and online commerce. The Interisle study finds that ICANN's GDPR-driven policy has resulted in the redaction of contact data for 57% of all generic Top-level Domain (gTLD) names, perhaps five times more contact data than is required by the GDPR.
Phishing Landscape 2020: A Study of the Scope and Distribution of Phishing
Our goal in this Interisle study was to capture and analyze a large set of information about phishing attacks, to better understand how much phishing is taking place and where it is taking place, and to see if the data suggests better ways to fight phishing.
Domain Name Registration: Data at the Crossroads
The report measures the effectiveness and impact of ICANN's registration data access policies and procedures by examining the practices of 23 registrars, which collectively sponsor more than two-thirds of the registrations in the generic top-level domains (gTLDs). This study determines whether they comply with ICANN's policies and related contractual obligations, and also to the European Union's General Data Protection Regulation (EU GDPR).
Criminal Abuse of Domain Names: Bulk Registration and Contact Information Access
In this study Interisle investigates how cybercriminals take advantage of bulk registration services to “weaponize” large numbers of domain names for their attacks.
Latest News
23 January 2024: Trends in Spam
Analysis of spam data for September to November 2023 shows that the number of domains reported for spam declined for the third straight quarter. But that still represents over 200,000 unique spam domains each month. New gTLDs and subdomain reseller accounts continue to attract more spammers. More…