AbstractIntroductionOutlineRegistrars in Potential BreachAbout KnujOnTerms Used
This independent audit of ICANN Registrar adherence and compliance to the RegistrarAccreditation Agreement has revealed that162 Registrars may be in breach of their contracts forvarious reasons. The reasons are not trivial, they range from blocking and manipulating WHOISaccess to falsifying applications to knowingly facilitating criminal traffic. This report takes a deeplook at the relationships between registration fraud, DNS manipulation, spam, compliance failureand the growing trade in illicit drugs online. We also offer recommendations to correct theseproblems.
The authors of this report are members of the ICANN At-Large community, representing Internetusers and consumers globally free of cost. We are committed to improving the quality and safetyof the Domain Name System through constant analysis of Internet abuse data and continualreview of the structure and its compliance mechanisms. We sincerely support ICANN’scommitment the principles of openness, transparency, and accountability. In the interests ofassisting ICANN in reaching its goals we respectfully submit this security assessment to theBoard of Directors, ICANN Staff, the Government Advisory Committee, and all of the supportingcommittees. This report is un-sponsored and unsolicited in an attempt to avoid any untowardinfluence. The intent is to purely represent the frustrated and confused Internet user. The ultimategoal is to assist in securing our Internet for the future.Much of cyber-security’s focus has been on intrusions, mass data theft, phishing, privacyviolations, ID-theft, and malware. For the most part these are incidents. They differ from the focusof this document - illicit Internet product traffic. Illicit product traffic is an ongoing cybercrime thatrequires the continuity and stability that other threats do not. Another major difference is thatservice providers generally do not profit from phishing, intrusions, and data theft. However, illicitproduct traffic presents an opportunity for Registrars to earn significant amounts money throughillicit domain registrations and related domain product services.There are many types of threats on the Internet but our research reveals the heavy influence ofdiverted, altered, and counterfeit prescription drugs. In our estimation this is the number onethreat to consumers and the Internet structure. Additional security threats like malwaredeployment, denial of service attacks, trademark hijacking, botnets, spam, WHOIS fraud, networkintrusions, domain hijacking, Registrar corruption, and electronic money laundering are all tools ofthe global network of illicit drug traffic. Beyond the Internet this traffic impacts the health of thepublic while funding organized crime and terrorist groups.There is no question that underground pharmaceutical traffic is illegal and kills people. Thetraffickers may paint themselves as virtual Robin Hoods who defy the greedy hands ofgovernment and “big pharma”, but in reality they deliver tainted products and cruelly prey on thesick, elderly, and addicted. In contrast with the popular perception, the underground pharmacymarket is far beyond lifestyle drugs like Viagra and Cialis. Tainted and completely fake drugs soldon the Internet include heart, blood-pressure, cancer, diabetes, and AIDS medications. There aremultiple documented cases of chalk pressed into painted pills, HIV test kits that give falseKnujOn.com, LLCUpdated: 6/20/2010 Page 2