Combating DNS Abuse

Keeping the Domain Name System Safe

At Verisign, we are committed to contributing to a secure, stable, and resilient internet. We take our responsibilities seriously, and that means being committed to addressing Domain Name System (DNS) abuse at the registry level.

What is DNS Abuse?

DNS abuse is defined as being "composed of five broad categories of harmful activity insofar as they intersect with the DNS: malware, botnets, phishing, pharming, and spam when spam serves as a delivery mechanism for those other forms of DNS abuse."1

There is also a broader set of security threats that can impact the DNS – including denial-of-service / distributed denial-of-service (DoS / DDoS) attacks, DNS cache poisoning, protocol-level attacks, and exploitation of implementation vulnerabilities.

Separate, but also important, is illegal content hosted on websites that use domain name infrastructure. This can include scams, sales of controlled substances and regulated goods, intellectual property infringement, and child sexual abuse material (CSAM).

How Does Verisign Help?

Verisign works actively in a number of settings to continually develop ways to combat and prevent DNS abuse. We have entered into a binding letter of intent with the Internet Corporation for Assigned Names and Numbers (ICANN), which underlines our commitment to tackling security threats, including developing best practices and educating the internet community. And we conduct ongoing technical analysis to assess whether .com domain names are being used to perpetrate infrastructure-based DNS abuse.

Our unique, proprietary infrastructure is constantly evolving to address new cybersecurity threats and forms of DNS abuse. We deploy a range of techniques, including sinkhole servers, cryptographic protections, DDoS mitigation mechanisms, and domain name registry lock functions to mitigate or eliminate the harm that malicious actors try to cause to internet users worldwide.

Since we started working together in 2020, Verisign has proven an important partner for IWF, taking rapid action and helping us to tackle and remove child sexual abuse material online. We appreciate the seriousness with which Verisign are approaching this issue.

Susie Hargreaves, OBE, Chief Executive, Internet Watch Foundation

We also play an active role in industry operational security forums and collaborations focusing on mitigating DNS abuse, including the ICANN Anti-Phishing and Messaging, Malware and Mobile Anti-Abuse Working Groups (APWG and M3AAWG). From its inception, we have supported the Internet & Jurisdiction Policy Network, which is an excellent resource for those interested in learning more about DNS abuse.

As a top-level-domain registry operator, Verisign has contractual commitments with the US government to operate the .com infrastructure in a “content-neutral” manner. While we are not a ‘content platform,’ we actively partner with trusted and credible organizations to address illegal online content with the appropriate authorities. Our programs include:

  • a "trusted notifier" pilot program with the U.S. NTIA and FDA to curb access to illegal online opioid sales,
  • a similar “trusted notifier” relationship with the Internet Watch Foundation (IWF), under which we are committed to taking action against every .com, and .net domain name reported to us by IWF as being used to host CSAM-related content,
  • ongoing work with the FBI and others to fight scam websites related to COVID-19,
  • and a commitment, as an Electronic Service Provider registered with the National Center for Missing and Exploited Children (NCMEC), to bring to NCMEC’s attention instances of the online exploitation of children.