What’s your name, organisation and role?
Theo Geurts, Realtime Register B.V. GRC Officer
Where do you work and live?
Zwolle, Netherlands
What is your personal and Realtime Register role in the DNS industry?
We are a wholesale registrar and provide registrar backend services to other ICANN registrars.
Why do you think abuse is an important issue to work on? / Why should we care about abuse?
Internet technology is now used against us in the form of cybercrime. The current levels of cybercrime are the calm before the digital storm, and it will only worsen. In dealing with such levels of disruption, it will take society decades to get a grip on such disruption. As such, it is an important issue to work on, given that cybercriminals become extremely well-funded and arresting such criminals is becoming almost impossible.
What is Realtime Register already doing to mitigate and combat (DNS) abuse?
We deployed a whole bunch of things.
Realtime Register CyberCrime Tracker and monitoring system is powered by 75 Reputation Block Lists (RBLs) and 500+ information sources. With this information, hosting companies/resellers can take action on any threats our system detects.
We combine big data with AI pattern analysis. This allows us to be proactive and take down domain names before they become engaged in cybercrime. Such systems can also detect payment fraud without access to payment providers.
We sinkhole domain names to capture data and assist law enforcement in their investigations. Sinkholing domain names is the new deterrent against cybercriminals. It can speed up investigations, as it is easier to determine how big a scam wave is, which helps in assigning priority.
Our intelligence team (we do not use the term “abuse desk” or “abuse department”) is highly skilled, consults with law enforcement, and even provides training for such agencies. Understanding criminology and victimology is critical in combatting cybercrime.
Why did you join the topDNS initiative, and why should others follow?
The reason is that topDNS does not replicate the work that is already ongoing. Instead, it either facilitates or generates new ideas to combat cybercrime. topDNS is also in a position to reach out beyond the ICANN or industry silos, and also to reach out to governments. This is key, as cybercrime is one of the most complex global problems we face in our lifetime.
Others should join the initiative, given that you cannot solve a global problem alone.
What do you think is topDNS’s biggest achievement so far, and what do you expect from topDNS in the future / in 2024?
I think the most significant achievement is to expand the discussion beyond the industry silos and broaden the participation.
If you could fix one thing about the Internet, what would it be?
This question assumes there is something wrong with the Internet or DNS. However, our problems are not new; cybercrime is a crime, and disinformation is nothing new. Throughout history, we have created many public functions to address crime or other problems. We have police, courts, judges, prosecutors and public defenders.
The failure of such public functions is the cause of economic problems. Cybercrime is an economic issue and should be viewed as such. The scale of cybercrime and disinformation is unprecedented, but we have faced similar problems throughout history.
Sharing threat intelligence and suspending domain names are valuable and part of a mitigation approach to combat the symptoms of cybercrime. However, these technical solutions and policies do not address the problem.
What is the solution to the problem? One of the first steps is to ensure we understand the situation and discuss the problem. TopDNS is part of that discussion.
Thank you very much for the interview!
This video by eco and its topDNS initiative highlights the serious consequences of domain shutdowns – ranging from economic harm to threats to free expression – and advocates for “taking down instead of blocking” as a sustainable, rule-of-law solution.