Whose Internet Is It, Anyway? presented at Blackhat DC 2006

by Andrew Fried (Internet Systems Consortium), Ben Butler (GoDaddy), Richard Cox (Spamhaus),

Summary : Malware injecting emails and websites have reached epidemic proportions on the Internet. Virtually all spam originates from bot-infected systems, which have the capacity to send out millions of emails per hour. The sites hosting malware are often part of large fast flux botnets that are geographically dispersed and change with great frequency. The threats have gotten larger; they hit victims faster and have been causing unprecedented losses.

Historically, the primary defense against these attacks has been the anti-virus program. Today, however, antivirus products no longer provide adequate protection – detection rates of less than 20% are commonly seen on newly discovered malware.

The detection, suppression and mitigation of these threats require timely and coordinated efforts between security researchers, anti-virus/content filter vendors, realtime blackhole list maintainers and domain registrars/registries.

This presentation will provide a rare glimpse "behind the curtain" of the efforts undertaken by security researchers (represented by Internet Systems Consortium), domain registrars (represented by GoDaddy) and realtime blackhole providers (represented by The Spamhaus Project and SURBL).

Andrew Fried: Andrew Fried currently a security researcher with Internet Systems Consortium (ISC), a nonprofit 501(c)(3) public benefit corporation dedicated to supporting the Internet community with software and professional services essential to its infrastructure. Mr. Fried is also the CEO of Deteque, a consulting and solutions provider for mitigating online threats. In 2008, Mr. Fried retired from the United States Department of the Treasury, where he had been a Senior Special Agent for twenty years. Throughout his career with Treasury, he was involved in computer and network security

Ben Butler: As the Director of Network Abuse for GoDaddy.com Ben Butler has, in this capacity, become an expert in dealing with all forms of network abuse. This includes spam, phishing, hacking, copyright violation, child exploitation issues, and the network security problems that often accompany such abuses. Mr. Butler comes from a strong technical background including several years as a network and email administrator at a Fortune 500 company. He also has extensive experience in customer service and satisfaction, coupled with experience in both business management and marketing.

Richard Cox: Richard Cox joined Spamhaus in 2003 after working for a number of UK Telcos and ISPs in the "compliance" sector, and has been CIO of Spamhaus since May 2005. Launched in 1998 to combat "conventional" spam, the SPAMHAUS PROJECT has had to expand its activities to deal with all the cybercriminal activities that are now needed to enable today's spammers to get past the many blocks put in place, and is today accepted as one of the world's foremost cybercrime investigating agencies.