EU introduces new legislation ending anonymous domain registration


Man working in an office in front of a computer. – Photo: © Tim Sandle

The European Union has announced that it is drafting legislation to end the anonymous domain registration, which are often used for illegal activities, including the distribution of malware.

The legislation is the “Directive of the European Parliament and of the Council on measures to ensure a high common level of cybersecurity across the Union”. This law will add new provisions allowing domain registrars to collect more information from registrants and verify this information.

Looking at within the scope of the law and its implications for businesses and consumers is Chad Anderson, Senior Security Researcher for DomainTools.

Anderson examines the benefits of the laws: “This change in posture shows how important registrant information can be to advocates. We’ve certainly found other ways to identify actors based on tactics, techniques, and procedures (TTPs), but removing large swathes of areas related to a single individual is much faster when they can actually be removed. linked to this individual and that the time is longer and longer. gasoline.”

However, there are some points of contention that need to be discussed. Here, Anderson is critical, saying, “For those who say this will be a blow to whistleblowers and activists: this is hogwash because they should all be using Tor and pre-built sites anyway to protect their anonymity.” If anything, it will force their hand to use better operational security. Leak sites will always exist and alternative registrars will always exist. All the problems of maintaining a private Internet where activists can work have already been solved.

Anderson also takes issues with those who are more inclined to report civil liberties issues. Anderson says, “For those who say it’s a privacy breach: it works the same as buying property elsewhere. Yes, it is a digital property, but you should be responsible for this permissive SPF record allowing the relay of malicious spam in the same way you should be responsive when there is a gas leak on a physical property.

The reality is, as Anderson puts it, “We have now seen from several pipeline ransomware events that critical infrastructure is just as, if not more at risk, from a ransomware event than from a physical attack. “

Anderson disputes another myth: “For those who say it doesn’t matter because cybercriminals will just hide behind companies or registrars in other countries: yes, that’s the point. Defensive work is never about removing threats, it’s about making them so expensive that the threat cannot work. This raises the bar and makes it costly for easy cybercrime like compromised business email (BEC) and credential phishing campaigns. Additionally, it reduces the attack zone left to watch as it reduces the number of registrars that attackers can use.

Summarizing the need for the directive’s provisions, Anderson concludes, “These are all wins in the defensive playbook. No crime will stop, but yes it will require a more sophisticated attacker and eliminate the mundane non-technical cybercrime that is ubiquitous today.

Leave A Reply

Your email address will not be published.