Domain Name Forensics: A Weapon Against Illegal Wildlife Trade

Perpetrators of wildlife crimes keep adopting sophisticated techniques to hoodwink wildlife law enforcement agencies and to escape traditional law enforcement measures. These wildlife trafficking syndicates exploit the anonymity of the internet to continue their nefarious trade in wildlife with a sense of impunity. In such a scenario, it becomes imperative for wildlife law enforcement agencies to adopt technology-driven investigative tools in their fight against wildlife crimes. Domain name forensics is a vital tool in the hands of wildlife crime investigators: it can play a critical role in unearthing the individuals and networks involved in illegal wildlife trade through their websites.

But before I delve deeper into how wildlife law enforcement agencies can harness domain name forensics, let's first understand what the Domain Name System (DNS) is. In simple terms, DNS is the Internet's address book. It allows us to access websites and other online services by using easy-to-remember domain names instead of having to remember complex strings of numbers. It basically converts human-readable domain names (for example: https://www.indiamart.com/) into the numerical IP addresses [for example: 35.190.37.46 for (https://www.indiamart.com/)] that computers use to identify each other on a network. Users can also access the IndiaMart website through its numerical IP address, i.e. 35.190.37.46, but it is not possible for users to remember these numerical strings for the many websites they want to access.

Wildlife law enforcement agencies can harness DNS analysis in the following ways:

  • Wildlife crime investigators can collect crucial information about the ownership and registration details of a domain through domain name forensics. These details may include the name, postal address, email address, phone numbers etc. of the registrant. Besides these, information about the registrar (name, phone numbers, email address), registrar history; domain creation, update and expiry dates; hosting history, IP address, IP location, IP history etc. can also be obtained.
  • Using this information, investigators can trace back the individuals or entities behind a website found to be involved in illegal wildlife trade.
  • DNS forensics can also help in revealing the relationships between different domains and subdomains. This may be crucial in understanding the complex structure of connected websites and illegal wildlife trade networks.
  • Through DNS analysis, wildlife crime investigators can also gather information about the hosting service providers of the websites involved in illegal wildlife trade. This information is vital for coordinating with the hosting service providers to gather more details about the perpetrators and to take enforcement action against them.
  • Once the hosting service provider is identified using DNS forensics, wildlife enforcement agencies can take appropriate legal measures such as blocking or restricting access to the websites involved in illegal wildlife trade. By doing so, investigators can shut down the illicit business of wildlife criminal networks.

There are many tools that wildlife law enforcement agencies can use to analyze domain names, such as whois.com, MxToolbox, GoDaddy, ICANN Lookup, domain.com etc. Using these tools, wildlife crime investigators can forensically analyze a website found to be involved in the trade of protected species of flora and fauna. For example, while doing cyber patrolling, a wildlife enforcement officer finds that a website called IndiaMart.com is being used for trade in protected species of wildlife, as shown below: dried seahorse (a protected species under the Wild Life (Protection) Act) is being offered for sale.

The wildlife crime investigator can collect crucial details about this website using the DNS analysis tools discussed above. The details that can be obtained are shown below using DomainTools:

Wildlife law enforcement agencies should also keep in mind that data protection laws such as the GDPR (General Data Protection Regulation), which aim to safeguard the privacy and personal data of individuals and entities, can affect the availability of certain information about the individuals or entities behind the domain names and websites found to be involved in illegal wildlife trade. For example, through cyber patrolling a wildlife crime investigator comes across a website called swamijee.in which offers for sale body parts of protected wildlife species such as monitor lizard and jackal, along with protected sea corals, as shown below:

When the wildlife crime investigator analyzes this domain name/website using DomainTools, the following information is shown:

As is evident from the above, much of the information about the owner of this website/domain has been redacted for privacy. However, crucial information about the registrar, hosting service provider and registrant country is still available and can provide a crucial lead for the investigation.
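The triage described above can be scripted. The following is an added example, not part of the original article and not DomainTools output: it parses a constructed WHOIS-style record for a placeholder domain and separates the fields withheld for privacy from those still usable as leads (registrar, dates, registrant country, name servers). The field names follow common WHOIS output; the list of redaction phrases is an assumption and not exhaustive.

```python
import re

# Constructed WHOIS response for a placeholder domain (not real registry data).
SAMPLE_WHOIS = """\
Domain Name: example-shop.in
Registrar: Example Registrar Pvt Ltd
Registrar Abuse Contact Email: abuse@registrar.example
Creation Date: 2019-03-14T08:21:05Z
Registry Expiry Date: 2025-03-14T08:21:05Z
Registrant Name: REDACTED FOR PRIVACY
Registrant Email: Please contact the Registrar listed above
Registrant Phone: REDACTED FOR PRIVACY
Registrant Country: IN
Name Server: ns1.hosting.example
Name Server: ns2.hosting.example
"""

# Placeholder phrases that mark a field as withheld (assumed, not exhaustive).
REDACTION = re.compile(r"redacted|privacy|not disclosed|contact the registrar", re.I)


def parse_whois(text):
    """Parse 'Key: value' lines into a dict of lists (keys such as Name Server repeat)."""
    record = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        key, value = key.strip(), value.strip()
        # Skip comment/notice lines and keys with no value.
        if not sep or not value or key.startswith(("%", "#", ">>>")):
            continue
        record.setdefault(key, []).append(value)
    return record


def triage(record):
    """Split a parsed record into usable leads and fields withheld for privacy."""
    leads, withheld = {}, []
    for key, values in record.items():
        kept = [v for v in values if not REDACTION.search(v)]
        if kept:
            leads[key] = kept
        else:
            withheld.append(key)
    return leads, withheld


if __name__ == "__main__":
    leads, withheld = triage(parse_whois(SAMPLE_WHOIS))
    print("Leads:", leads)
    print("Withheld:", withheld)
```

The withheld list tells the investigator which details must be requested from the registrar through legal process, while the leads identify whom to approach.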

To conclude, domain name forensics is a powerful investigative tool which may further empower wildlife law enforcement officers to unmask the wildlife criminal networks operating from the shadowy corners of the digital world.
