Cybersecurity firm Spamhaus has partnered with internet domain authority ICANN in an effort to cut down on email service abuse and tackle botnets.
The collaboration will see Spamhaus Data Feeds licensed to ICANN so they can be used to create abuse reports, risk scores, research papers and predictive abuse metrics.
Botnets are currently the most common form of cyberattack and are sometimes used to overwhelm websites as part of a DDoS attack. More commonly, however, they are simply a source of frustration and are believed to be responsible for a significant proportion of the countless spam email messages that are sent every day.
ICANN’s adoption of Spamhaus Data Feeds will help disrupt botnets by allowing ICANN to share details of abuse with internet domain registrars. Connections to IP addresses related to botnets can then be blocked.
Across the second quarter of 2020, Spamhaus has reported a 29% surge in the number of botnet command and control servers – essentially, those controlled by cybercriminals.
“The most effective method of mitigating botnet attacks is to deploy border gateway protocol feeds to block connections to IP addresses related to botnets,” said Calum Parfitt, a solicitor from Boyes Turner, the technology law firm that acted for Spamhaus on its licensing deal with ICANN.
“Spamhaus Technology has licensed its industry-leading Data Feed Service which utilizes real-time Domain Name System-based Blackhole Lists to ICANN. The agreement will allow ICANN to share details of abuse with the registrars and registries responsible for the domains which have been compromised in order to expedite remediation. ICANN’s adoption of the Spamhaus Data Feeds shows its commitment to disrupting botnets and protecting the internet and its users.”
Spamhaus is already responsible for blocking a huge quantity of spam messages but the deal with ICANN will further its efforts to create a safer, more secure internet. In addition, any domain names that are included in the Spamhaus Data Feeds can be passed on to the relevant law enforcement agencies or used by the ICANN compliance department.