The recent TF-CSIRT meeting in Zurich included a talk by the Swiss telecoms regulator (like ours, called Ofcom, though their 'F' stands for Federal!) on the law covering websites in the .ch domain that distribute malware, normally as the result of a compromise.
The EU has finally adopted a new Directive on attacks against information systems, first proposed in 2010. The Directive will require Member States, within two years, to ensure they meet its requirements on
Nominet have published an interesting analysis of the legal issues around any possible process for suspending domains associated with criminal activity. This raises the rather worrying issue that the legal position is not clear if a registry is informed of unlawful conduct somewhere in their domain and decides that the evidence is not strong enough to justify them acting.
An interesting news item from SWITCH, the Swiss NREN and also operator of the .ch and .li TLD registries, on how they are alerting website owners to malware and, if necessary, taking action to protect customers from being infected.
Questions about my last posting on Nominet's DNS domain suspension discussions, have got me thinking a bit more about my idea of "domains registered for a criminal purpose". My suggestion is that these should be the only domains that a top-level registry can remove on its own, rather than asking for the decision to be taken by an independent authority.
Nominet have announced a consultation on allowing (someone with a very long memory has pointed out to me that this is actually re-allowing) the registration of domains directly under the .uk top level domain, as well as in the familiar second-level domains such as .ac.uk, .co.uk, .org.uk, etc. Illustrating the sort of domain that could become possible, the proposed service is called Direct.uk
An interesting paper from ENISA and the NATO Cyberdefence Centre illustrates the narrow space that the law allows for incident response, and the importance of ensuring that new laws don’t prevent incident response teams from protecting networks, systems, their users and information against attack.
I’ve submitted a Janet response to a European consultation on a future EU Network and Information Security legislative initiative.
Earlier in the year I wrote about the German ISP Association's scheme to remove the economic disincentive for ISPs to inform their customers of botnet infections on their PCs by providing a centrally-funded helpdesk. In Latvia a different approach has been taken: providing a "responsible ISP" mark that consumer networks can use on their websites and other promotional materials. To be entitled to use the mark an ISP must satisfy three conditions:
The House of Commons Science and Technology Committee has published a report on Malware, which recommends increased awareness among Internet users as the best way to deal with the problem. There’s a welcome recognition that “it is clear that there is no easy technological answer to cyber crime...
