Criminality will not succeed in cyber space

29th November 2019


Eleanor Bradley

Eleanor Bradley
MD Registry Solutions and Public Benefit

From the earliest days of technology, users were finding ways to subvert it to their own ends. Hacking became a term associated with malicious intent as early as the 1970s, when people started manipulating computerized phone systems to access long distance calls for free.

Such hacks sound innocent compared to what our networks and connected systems face today in terms of breaches and attacks. While perhaps inevitable alongside the explosion of internet users and connectivity, it’s fair to say that too little airtime is perhaps given to celebrate the ongoing efforts to rid the internet of criminal activity.

Since inception as the registry for the .UK domain, Nominet has been committed to keeping the country’s internet namespace as secure and safe as possible. One of the ways we do this is by working closely with law enforcement agencies to identify domains being used for criminal purposes and suspending them.

Each year we report on 12 months of collaborative action to remove criminal activity from the internet. Our latest criminality report has now been published and the stats continue to be encouraging, demonstrating the ongoing impact our combined efforts are having on the ability of criminals to misuse the namespace.

Most notably, the number of domains suspended for criminal activity has dropped this past year (November 2018-October 2019) compared to the previous period: down to 28,937 from 32,813. The numbers may sound high, but the total suspensions for this period represents just 0.22% of the more than 13 million .UK domains currently registered.

Intelligence on which domains are being used for criminal activity comes to us from ten reporting organisations, with five of these reporting domains to us in the past year. The main interaction came from the Police Intellectual Property Crime Unit (PIPCU) – over 28,000 requests – with reports also from the National Fraud Intelligence Bureau, Trading Standards, Financial Conduct Authority and the Medicines and Healthcare Products Regulatory Agency.

While in the main we rely on outside agencies to instruct us on which domains are being used for criminal purposes, Nominet also has its own systems for identifying misuse of domains, like Domain Watch. This anti-phishing initiative suspends suspicious domains designed to confuse and commit crime, such as hmrc-taxrefund-gov.co.uk, at the point of registration. In the past year, we suspended 2,668 domains, informing the registrant by email and offering them an opportunity to justify their registration. Of these, only 274 successfully passed our due diligence and completed registration, showing that our process – a combination of manual and automated systems – is proving fruitful when it comes to identifying potential phishers.

While it’s important for us to recognise progress year on year, this annual report is also an opportunity to review and refine ways of working. We are always looking to improve our approach, tweaking our systems, reducing false positives and supporting our reporting agencies to ensure we continue to thwart criminal activity across the .UK domain.

Collaboration is key to achieving this aim – Nominet isn’t in a position to judge criminality on the UK’s namespace – and so we are grateful to the work of our reporting agencies in highlighting unlawful and suspicious activity. While those intent on committing criminal acts won’t stop searching for ways into our namespace, neither will we rest in our efforts to frustrate and disrupt them, keeping the millions of business and individuals who use the .UK domain as safe and secure as possible.

Download our infographic for full details of the report.

Like this? Try these...