ICANN has recently published its report on the trends in DNS Abuse cases perpetrating online. The report covers cases occurring in the period of the past 4 years, beginning October 2017 till January 2022.
The report however, did present some facts that might appear contradicting to the prevailing notions of DNS Abuse trends. The report presents a counter-argument to the perspective that DNS Abuse trends are growing. These arguments are backed by solid facts presented by the council.
The council accepts that when figures are based on data from Reputation Blocklists, the DNS abuse trends might appear inflated. However, these figures could be misleading as their time frame for evaluating these is very short, ranging around 6 months or less. The trends presented by ICANN are based on data gathered from its Domain Abuse Activity Reporting (DAAR) programs, spanning over 4 years of time.
When analyzed from this set of figures, the overall curve for DNS Abuse cases is downward pointing with few spikes in between. The cases are such, both in legacy TLDs as well as the new TLDs. The cases of DNS abuse in January 2022 is significantly lower than that of October 2017. The downward sloping graph however, also marked a local maxima in December 2020.
This decreasing trend becomes even more prominent when instead of the absolute number of DNS abuse cases, the relative number Abuse cases to the total size of that category of TLD is taken. When the relative figures are taken the DNS Abuse figures would appear to become less than 1% for legacy gTLDs. In October 2017, contrastingly, this figure was over 3%. For new TLDs the case never grew more than 1%. Also among all abuse trends, spamming was the most prevalent.
This report and these figures present compelling evidence to dismantle the popular narrative that cyberspace is becoming an increasingly dangerous place with skyrocketing DNS abuse cases.