Interisle Consulting Group

Resilient systems and networks position your organization to thrive under any circumstances—to respond dynamically to new technologies, new business opportunities, and new threats in an ever-changing world.

Interisle's world-renowned Internet and public safety networking experts know that what matters most about technology is how it helps you achieve your objectives.

We look beyond the impersonal canned solutions promoted by traditional large consulting firms, working closely with our clients to find the enduring architectural foundation that unites technology and business strategy to create sustainable value. Everything we do is focused cleanly and efficiently on your specific situation—all of our consultants are seasoned professionals with international reputations, and we don't waste your time (or money) on anything that doesn't directly benefit your business.


When the answer isn't obvious.



In Fight Against COVID-19 Scam Sites, Lawmakers Push for Domain Name Ownership Records-and Some Pro-Privacy Advocates Agree (2 June 2020)
In this Morning Consult article, reporter Sam Sabin writes that “lawmakers have begun taking the first steps to either provide relief for law enforcement and reopen the WHOIS database or hold domain name operators accountable to verifying the identities of those who purchase web addresses themselves.” Her interviews with politicians, registrars, consumer advocates, and security experts—including Interisle's Dave Piscitello—reveal broad support for better registration data access and stronger accountability for domain name registrants. “Too many domain name registrars and other internet companies are putting their heads in the sand as cybercriminals and scammers try to exploit this pandemic by luring people to fraudulent coronavirus-related websites.”

Weaponizing Domain Names via Bulk Registration (31 March 2020)
In this guest blog post at The Spamhaus Project, Dave Piscitello explains how criminals misuse domain names much in the same manner as terrorists misuse fertilizers to construct improvised explosive devices or as criminals divert pseudoephedrine to the manufacture of methamphetamine. In all of these cases, a commodity serves as a tool in the pursuit of some malignant (criminal) activity. Domain industry parties will no doubt object to such an extreme characterization, cyber investigators can demonstrate on an almost daily basis that hundreds or thousands of domain names are registered specifically for cyber attacks. Dave offers insights from Interisle's Criminal Abuse of Domain Names report and Spamhaus Project editor Sarah Miller notes that the findings from that October 2019 “emphasized the need for more stringent measures to be put in place within the domain name industry, something that the current COVID-19 pandemic is further highlighting.”

It's Not About the Internet (22 October 2019)
In the policy realm what we call “Internet issues” are not actually “Internet” issues—they are well-pedigreed social, political, cultural, and economic issues, for which we clever technologists have provided a rich new environment in which to grow and multiply. It follows that the people best prepared to tackle “Internet” issues may be thoughtful professionals in fields such as behavioral psychology, linguistics, sociology, education, history, ethnology, and political science—not (exclusively) “Internet experts.” Interisle principal Lyman Chapin suggests a broadly interdisciplinary approach to what have traditionally been considered “Internet” issues in an article that appears in the 50th Anniversary issue of the ACM SIGCOMM Computer Communication Review.

Worth reading: "Moving the Encryption Policy Conversation Forward" (20 September 2019)
On September 10, the Encryption Working Group—convened under the auspices of the Carnegie Endowment for International Peace and Princeton University—issued a constructive and wise report titled "Moving the Encryption Policy Conversation Forward" This report directly addresses the increasingly heated debate over use of encryption technologies to protect privacy contrasted against the needs expressed by law enforcement to be able to conduct criminal investigations and protect public safety. Instead of adding further heat to this on-going debate, the Encryption Group has wisely recommended toning down the rhetoric, and instead focusing on problems where feasible solutions can be developed that resolve not just technical issues, but also conform to rational policies and core principles. This offers a hopeful way forward where polarized debate can be replaced with constructive cooperation toward concrete results that would benefit individuals and society at large. We hope this report is read by all players concerned with issues of privacy and legitimate access by law enforcement.

Exposing and Documenting Abusive Internet Behavior (29 April 2019)
Today's Internet is increasingly polluted by malware, phishing, scams, and other forms of abuse that degrade the online environment on which so much of our economic, social, and political lives rely. These abuses erode user confidence and inflict serious harm on individuals and organizations in every part of the world. Countering them is at the top of everyone's list. But accurate information about abusive behavior on the Internet is surprisingly hard to obtain. This frustrates efforts to protect Internet users from abuse, and to change the environment in positive, lasting ways.
ICANN's Domain Abuse Activity Reporting (DAAR) project is a system for studying and reporting on abusive behavior across top-level domain (TLD) registries and registrars. But DAAR reports only aggregated data on gTLD registries; it does not associate any metrics directly with specific registries, does not include information about registrars, and omits ccTLDs entirely. As such it does not give organizations or individuals the information they need to make decisions about how to safely and efficiently interact on the Internet. Achieving a safer Internet requires a trusted, neutral, public clearinghouse to collect, publish, and persistently store information that categorizes and quantifies Internet identifier system behavior, which can be used to deploy security measures, demonstrate the effectiveness of security or other administrative controls, inform policy makers, and conduct research.

Conservative abuse reporting throws new TLD program under the bus (19 February 2019)
ICANN has released a January 2019 domain abuse report generated from the Domain Abuse Activity Reporting system (DAAR). DAAR is a system for studying and reporting on domain name registration and security threat (domain abuse) behavior across top-level domain (TLD) registries and registrars. It provides a distribution of domains identified as security threats and a breakdown of security threats by class for all new and legacy registries for which the DAAR project can collect TLD zone data. But the report provides only aggregated summary statistics for TLDs, in pie-chart format; these “findings” are misleading and do not represent actionable intelligence. The report also omits registrar information. By failing to be open and transparent about the high levels of abuse in specific new TLDs and registrar portfolios, ICANN actively frustrates efforts to promote Universal Acceptance of domain names and email addresses and calls future new TLD delegations into question.

Read Dave Piscitello's Security Skeptic blog post: Conservative abuse reporting throws new TLD program under the bus.

APWG and M3AAWG Survey Finds ICANN WHOIS Changes Impede Cyber Investigations (20 October 2018)
Dave Piscitello's The Security Skeptic blog has a column focusing on how ICANN's "Temporary Specification for gTLD Registration Data" has affected access and usage of domain name registration by cyber investigators and anti-abuse service providers.

Read Dave's column and follow Dave's Security Skeptic blog.


Interisle News

1 August 2021
New Whois Survey Findings

Dave Piscitello was one of four principal investigators of a joint M3AAWG and the Anti-Phishing Working Group (APWG) survey, ICANN, GDPR, and the WHOIS: A Users Survey — Three Years Later. The survey asked cyber investigators and anti-abuse service providers to describe ongoing impacts of ICANN's implementation of the EU GDPR, the Temporary Specification for gTLD Registration Data (Temporary Specification, adopted in May 2018).

28 June 2021
Domain Security Report

Interisle Consulting Group announced the publication of an industry report, Domain Security: A Critical Component of Enterprise Risk Management. The report describes the adverse and costly consequences when an organization becomes a victim of domain name hijackings or misuse. Interisle recommends that organizations need to include domain names in their enterprise risk management planning and execution.

25 June 2021
Updated Phishing Activity Reports Available

Phishing activity updates for the period November 1, 2020 through January 31, 2021 are now available at the Cybercrime Information Center. The updates include measurements and rankings of Top-level Domains, Domain Registrars, and Hosting Networks (ASNs) for the period. Comparisons of measurements against the prior period — May 1, 2020 through July 31, 2020 and August 1, 2020 through October 31,2020 — are also available.

9 June 2021
Andy Malis co-authors more RFCs on Deterministic Networking

Interisle partner Andy Malis participates in the Internet Engineering Task Force's Deterministic Networking (DetNet) project, focused on deterministic data paths providing bounds on latency, loss, jitter, and high reliability. DetNet is publishing RFCs on this topic, with Andy as co-author on some, including RFC 9023: Deterministic Networking (DetNet) Data Plane: IP over IEEE 802.1 Time-Sensitive Networking (TSN), RFC 9024: Deterministic Networking (DetNet) Data Plane: IEEE 802.1 Time-Sensitive Networking over MPLS, and RFC 9037, Deterministic Networking (DetNet) Data Plane: MPLS over IEEE 802.1 Time-Sensitive Networking (TSN).

30 April 2021
Updated Phishing Activity Reports Posted

Phishing activity updates for the period August 1, 2020 through October 31, 2020 are now available at the Cybercrime Information Center.
The updates include measurements and rankings of Top-level Domains, Domain Registrars and Hosting Networks (ASNs) for the August 1, 2020 through October 31,2020 period.
Comparisons of measurements against the prior period, May 1, 2020 through July 31, 2020 are also available.

13 March 2021
Academic Research Corroborates Interisle Study Findings

A large-scale systematic measurement study to quantify the changes made by WHOIS providers in response to the GDPR was presented at The Network and Distributed System Security Symposium (NDSS) on 22 February. Using a collection of 1.2 billion WHOIS records spanning two years and software they developed to automate compliance checking, the researchers found levels of WHOIS redaction beyond what the GDPR would require that corroborate the findings of Interisle's recent WHOIS Contact Data Availability and Registrant Classification Study.

1 March 2021
Interisle Launches the Cybercrime Information Center

Cybercrime—phishing, pharming, botnets, malware, and spam—threatens every Internet user. To fight cybercrime we need to know how criminals acquire and use the Internet resources that enable their criminal activity. The Cybercrime Information Center (CIC) will gather and publish the facts about cybercrime. By publishing its measurement data, the Center will identify the sources and mechanisms of cybercrime, as defined in the Council of Europe's Budapest Convention on Cybercrime. Researchers, governments, businesses, and others will be able to use CIC data to evaluate the policies and practices that attract and encourage criminal activity.

25 January 2021
WHOIS Contact Data 2021

Interisle Consulting Group has published a major new research report, the WHOIS Contact Data Availability and Registrant Classification Study. The report presents an in-depth analysis of how contact data for Internet domain names–which make all web sites, email, and apps work–has disappeared from public access, impeding cybercrime investigation, consumer protection, Internet security, and online commerce.

23 January 2021
Andy Malis co-authors two RFCs on Deterministic Networking

Interisle partner Andy Malis participates in IETF's Deterministic Networking (DetNet) project, which focuses on deterministic data paths providing bounds on latency, loss, jitter, and high reliability. DetNet is publishing a set of RFCs on this topic, with Andy as co-author on some. Recently published include RFC 8938: Deterministic Networking (DetNet) Data Plane Framework and RFC 8964: Deterministic Networking (DetNet) Data Plane: MPLS.

1 January 2021
Interisle welcomes new Partner Andy Malis

Andy Malis, a well-known and widely respected contributor to the development of telecommunications technology and the Internet for over 40 years, joins Interisle as a Partner. He brings to Interisle extensive experience in networking protocol architecture and evolution, product architecture and strategic planning, service provider network planning, and technology transfer, and a strong reputation for leadership in international standardization bodies (including the IETF, Broadband Forum, ITU-T,and Open Networking Foundation), standards authorship, and chairing and speaking roles at conferences and other industry events. Andy is the author or co-author of more than 40 IETF RFCs and Internet drafts, and currently co-chairs the IETF's Pseudowire And LDP-enabled Services (PALS) working group. Learn more about Andy on our About Us page.

13 October 2020
Phishing Landscape 2020

Interisle Consulting Group has published a major new research report, Phishing Landscape 2020: A Study of the Scope and Distribution of Phishing.
Interisle collected data about phishing attacks from four respected threat intelligence sources over a period of three months, learning about more than 100,000 newly discovered phishing sites. This extensive data set formed the basis for an in-depth analysis of how and where criminals are getting the resources they use to scam Internet users, and points to better ways to fight phishing.

March 2020
Interisle releases report on domain registration data

Internet users of all kinds rely on public domain name registration data services ("Whois") to obtain accurate and up-to-date operational and registration information for vital and legitimate purposes. Over the last two years, access to domain name registration data has been drastically curtailed as a result of ICANN policies, data privacy laws, and due to practices by registrars and registry operators.
Interisle studied domain registration data, measuring the effectiveness and impact of ICANN's registration data access policies and procedures by examining the practices of 23 registrars, which collectively sponsor more than two-thirds of the registrations in the generic top-level domains (gTLDs). It determined whether they comply with ICANN's policies and related contractual obligations, and also to the European Union's General Data Protection Regulation (EU GDPR).
You can read the Full Report, just the Executive Summary, or the Press Release.









Privacy Statement

© Interisle Consulting Group