[council] e-Crime and Abuse of the DNS Forum: a global perspective

Wed Mar 4 15:11:09 UTC 2009

Thanks for your email, Mike.  "Narrow mission" is used in the context
of the e-Crime and DNS Forum in which participants will be discussing
(among other things) activities over which ICANN has no control nor
responsibility.  We welcome your contributions to the discussion.

See you at 14:00.

Regards,
Denise

Denise Michel
ICANN Vice President
Policy Development
denise.michel at icann.org
+1.408.429.3072 mobile
+1.310.578.8632 direct

On Wed, Mar 4, 2009 at 9:01 AM, Mike Rodenbaugh <icann at rodenbaugh.com> wrote:
>
> ICANN does not have a "narrow mission" -- as clearly proved by its $60
> million annual budget.  So I respectfully request that Staff please stop
> saying so in public materials.
>
> Thanks.
>
> Mike Rodenbaugh
> Rodenbaugh Law
> 548 Market Street
> San Francisco, CA  94104
> +1.415.738.8087
> www.rodenbaugh.com
> - Show quoted text -
>
> -----Original Message-----
> From: owner-council at gnso.icann.org [mailto:owner-council at gnso.icann.org] On
> Behalf Of Denise Michel
> Sent: Tuesday, March 03, 2009 2:15 PM
> To: ccNSO Council; ccnso-members at icann.org; council at gnso.icann.org;
> liaison6c; At-Large Worldwide; Steve Crocker; jun at wide.ad.jp; Louis Lee;
> adiel at afrinic.net; Janis Karklins
> Subject: [council] e-Crime and Abuse of the DNS Forum: a global perspective
>
> Greetings.
>
> The main session of "e-Crime and Abuse of the DNS Forum: a global
> perspective" scheduled for Wednesday, March 4, 14:00-18:00 in Don-Alberto
> 2-4 (Main Room), will be scribed, and the transcript and all presentations
> will be publicly posted at <http://mex.icann.org/node/2653>.  Included below
> and attached in Word is an updated agenda.  I know that overlapping meetings
> have been scheduled and not all interested community members will be able to
> attend the Forum, but rest assured that all available information will be
> publicly posted, including the results of the break-out sessions.
>
> Regards,
> Denise
>
> Denise Michel
> ICANN Vice President
> Policy Development
> -----------------------------------
>
>
> e-Crime and Abuse of the DNS Forum: a global perspective
>
> Organized by ICANN Staff in Cooperation with the At-Large Summit
>
> Wednesday, March 4
> 14:00-18:00
> Hotel Sheraton Centro Historico
> Don-Alberto 2-4 Conference Room
>
> The Forum will provide participants with an opportunity to discuss numerous
> global activities and issues related to e-Crime and DNS abuse that involve a
> broad array of international stakeholders.  While not all of these issues
> fall within ICANN's narrow mission, the Forum is intended to facilitate
> public dialogue and working relationships on e-Crime and DNS abuse among
> members of the global Internet community, as requested by the ICANN
> community.
>
> Welcome   Alejandro Pisanty (former Director, ICANN Board; National
> University of Mexico) Time:  14:00 - 14:10
>
> Alejandro Pisanty will provide an introduction to the Forum including its
> format, aims, and objectives.
>
> Session 1. The e-Crime Landscape         (Time: 14:10 - 15:03)
>
> Moderator: Cheryl Langdon-Orr (Chair, At-Large Advisory Committee)
> (14:10-14:13)
>
> Panel: Beau Brendler (Consumer Reports WebWatch Project); Fred Felman
> (MarkMonitor); and Jeffrey Bedser (Internet Crimes Group)
>
> Introduction to E-Crime (20 minutes) (14:13 - 14:33) Beau Brendler will
> provide an overview of the manner in which e-Crime affects consumers as well
> as discuss activities that aim to educate the public regarding e-Crime
> risks.  Fred Felman will review recent e-Crime trends, and highlight types
> of harms to end-users.
>
> Sizing and Scoping e-Crime (20 minutes) (14:33-14:53) Jeffrey Bedser will
> describe the e-Crime ecosystem and explain how organized crime uses the
> Internet and the DNS to facilitate criminal acts against end-users. Jeffrey
> will also discuss emerging legal efforts that focus on protecting end-users
> against Internet-based crime. Jeffrey will use the results of extensive
> attack traffic, DNS, and domain name data analysis to illustrate that
> e-Crime is able to exploit resources from virtually any user and provider in
> the global Internet. He will describe how criminal attack network activity
> is distinguished from legitimate (production) traffic. Jeffrey will also
> show the hotspots for bot and malware activity and where domain names are
> used to abet e-crime are registered.
>
> Audience Questions (10 minutes) (14:53-15:03)
>
> Session 2. Criminal Attacks and Abuse Response Today   (Time: 15:03-16:11)
>
> Moderator: Greg Rattray (Chief Internet Security Advisor, ICANN) Time:
> 15:03 - 15:06
>
> Panel:  Rod Rasmussen (Internet Identity); Tim Ruiz (GoDaddy), Greg Aaron
> (Afilias), Law Enforcement (TBD); Vanda Scartezini (At-Large Advisory
> Committee); Jeff Neuman (NeuStar); Oscar Robles-Garay
> (NIC.mx)
>
> Case studies in global criminal attacks (20 minutes) (15:06-15:26) Rod
> Rasmussen will describe the chronology of events leading to the discoveries
> and cessations of two noteworthy security incidents.  He will describe both
> the parties involved in, and the events leading up to, the disconnection of
> the McColo hosting provider, and the sustained disruption of Srizbi bot
> communications with their command and control servers by preventing the
> automated registrations of botnet domains.  Rod will describe the events
> surrounding the attack against the e-billing company, CheckFree, through its
> domain names, the immediate effects, related phishing of registrars, and the
> prospects for future, similar attacks against the financial sector and
> end-users.
>
> Abuse Response Today - (30 minutes) (15:26-15:56) The speakers will describe
> their respective roles in responding to, and acting upon, criminal
> complaints where domain names are used to abet criminal activities, and how
> to protect legitimate end-users from erroneous shut-downs (false positives).
> A law enforcement expert will describe the role of the private sector in
> cooperating with law enforcement agencies, and in proactively responding to
> E-crime so as to protect consumers.
>
> Audience Questions (15 minutes) (15:56-16:16:11)
>
> Session 3.  Role of ICANN Stakeholders and Staff in Responding to e-Crime
> (45 minutes) Time: 16:11-17:01
>
> Moderator:  Lyman Chapin (former Director, ICANN Board) (16:11-16:14)
>
> Panel: Jon Nevett (Network Solutions); Garth Bruen (Knujon); Steve Metalitz
> (Intellectual Property Constituency); David Giza (ICANN Compliance Office);
> Roelof Meijer (SIDN); Adam Palmer (Public Interest Registry); Rudi Vansnick
> (ISOC.be); Marc Ottawa (Royal Canadian Mounted Police); Andy Steingruebl
> (PayPal); Tony Harris (Cabase)
> (16:14-16:56)
>
> The speakers will describe how current ICANN gTLD and ccTLD policies and
> contractual obligations of registries and registrars help combat E-crime.
> The role of ICANN's Compliance Office in reinforcing these efforts, such as
> in the areas of WHOIS accuracy, and registrar breach notices, will be
> explained.  The speakers will also discuss the efforts among industry groups
> to develop voluntary guidelines and share data to enhance the private
> sector's responses to e-Crime.
>
> Audience Questions (15 minutes) (16:56 - 17:01)
>
> Next Steps - e-Crime Break-Out Sessions (60 minutes) Time: 17:01 - 18:01
>
> Instructions:   Denise Michel, ICANN Vice President, Policy Development
>
> The public will have an opportunity to participate in further detailed
> discussion and exchange of information by joining one of several break-out
> sessions on specific issues moderated by the individuals identified below:
>
> .       Law Enforcement and ccTLDs (Marc Moreau and Erick Iriarte Ahon)
> .       Consumer Protection  in Existing and New TLDs (Beau Brendler and
> Holly Raiche, Executive Director, ISOC-AU)
> .       The Role of ICANN (Jon Nevett, Kristina Rosette, and Doug Brent,
> Chief Operating Officer, ICANN)
> .       e-Crime in Latin America  - conducted in Spanish  (Vanda Scartezini
> and Alejandro Pisanty)
>
> The moderators of each break-out session will summarize any suggested next
> steps and recommendations from their respective group during the Public
> Forum.
>
>