A session on DNS abuse during the pandemic took place as part of the 15th Internet Governance Forum (IGF). Reports were delivered by Jeff Bedser (iThreat), Ashley Heineman (GoDaddy), John Crane (ICANN), and Merike Kaeo (Double Shot Security). The speakers noted that the COVID-19 pandemic had provoked an increase in DNS abuse cases. However, they said that the number of cases peaked in late March and early April, and later dropped. Moreover, they said there is no reason to suggest that the pandemic resulted in an explosive growth of abuse cases. The general picture is similar to that of any major natural disaster: there are always a certain number of criminals who try to take advantage of tragic events, but it’s a relatively small number.
The speakers talked about ways to identify, measure and analyze DNS abuse and, of course, focused on ways to fight it. Clearly defining the term of DNS abuse for the entire industry was listed among the key tasks as today many registries and registrars define it differently. The speakers also noted that it is important to understand that domain organizations and companies cannot act as “content police.” In particular, it was noted that most of the cases of DNS abuse as a result of the pandemic were or could be resolved at the host provider level and not the registries or registrars.
The topic of DNS abuse due to the pandemic is often discussed at events organized by the Coordination Center for TLD .RU/.РФ. For example, TLDCON 2020 participants noted that the number of DNS requests for coronavirus-related domain names had increased since spring. At the same time, measures taken by Russian companies are ensuring Russian domain zone stability in line with international standards.
