The Global Cyber Alliance (GCA), in its mission to enable a secure and trustworthy Internet —by making the Internet a safer place by reducing cyber risk— has convened a community of organizations across the globe, working together and driven by data, to help increase the integrity of the Internet by decreasing the number and impact of domains registered for cybercrime and other malicious purposes. This effort is known as the Domain Trust Community.
Simply stated, our goal in establishing the Domain Trust Community is to reduce the amount and impact of domains being registered or appropriated for abuse.
Internet domains are a major vector for cyberattacks. Everyday thousands of domains are registered with the sole intent of conducting criminal activity such as phishing or distributing malware. They are used by criminals and state-sponsored actors to conduct attacks that deliver malware, defraud people, and conduct other illicit activities. Domains can be registered quickly, cheaply, and in bulk, allowing cybercriminals to keep ahead of detection.
Almost two years ago, in late 2020, GCA launched the Domain Trust initiative to share information between its partners in the infrastructure owners and operators sector, including registrars, registries, ISPs, CERTs/CSIRTs, TELCOs, public and private cybersecurity responders, financial institutions, insurers, anti-scam groups, and various other like-minded stakeholders.
What emerged was an intelligence and information-sharing platform that now contains millions of actionable data points, which are being used to reduce domain abuse associated with phishing, malware, and command and control activities.
But the platform and the data are not enough to drive action.
GCA’s partners and collaborators, who are individually and collectively working toward impacting the global issue of domain abuse, are key. This community of organizations meeting together regularly and establishing close working relationships will deliver actionable outcomes in preventing domain abuse and increasing domain trust.
In 2022, GCA began hosting quarterly meetings of the Domain Trust Community, inviting select, topic-dependent partners, and other stakeholders to participate and collaborate in discussions to identify, propose and launch annual initiatives that will help us all reach the goal of reducing the number and impact of domains registered for malicious purposes.
As GCA grows, and the Domain Trust Intelligence Platform, Data Set, and Community grow, we anticipate increased interest and participation in various meetings and other events. In order to encourage the building of trusted relationships and the effective exchange of ideas —and whether these fora are virtual, in-person or some combination thereof—, we are promoting a safe environment for sharing these ideas by conducting our meetings under the Chatham House Rule.
Of course, there are other benefits to participating in this Community. Developing and maturing a truly global network of like-minded individuals and organizations is crucial to making significant progress in the reduction of domain abuse across the entire Internet environment.
Leveraging our collective knowledge, expertise and energies, we are stronger together than alone, and we will —over time— be able to successfully influence Internet infrastructure owners, operators, and related organizations to take real action to stop domain abuse at varying stages in the processes of registration, activation, and appropriation of malicious and criminal domains.
To this end, GCA hopes you and your organization will consider engaging in continuing, active participation with us in the Domain Trust Community as it evolves and grows, joining together with us to identify actionable challenges in the domain abuse environment and working together with us to encourage both ourselves and our colleagues and peers in other organizations to take the actions necessary to prevent, limit and mitigate the damaging and costly effects of domain abuse.
Please follow GCA’s Bits & Bytes on Internet Integrity for articles about the efforts of the Domain Trust Community and its members, and do not hesitate to contact us if you want to become part of this growing Community.
The author, Dan Owen, is the Product Owner of Domain Trust at the Global Cyber Alliance. You can connect with him on LinkedIn.