Skip to Content

FBI Agent Thomas X. Grasso Receives First J.D. Falk Award for Establishing DNS Changer Working Group and Protecting End-Users

Baltimore, Maryland, Oct. 25, 2012Convincing competitors, disparate business entities and researchers to collaborate – many donating their services and resources – to protect millions of end-users worldwide is no small feat. Yet FBI Supervisory Special Agent Thomas X. Grasso did just that by quietly working behind the scenes to create the DNS Changer Working Group that saved an inestimable number of end-users from losing access to the Web over the last two years. Recognizing his leadership, Grasso received the inaugural J.D. Falk award on Tuesday at the Messaging, Malware and Mobile Anti-Abuse Working Group 26th General Meeting in Baltimore.

“Tom embodies the kind of personal sense of responsibility and accountability that built the Internet and is vital to its future growth.  First, he had the foresight to understand the problem and to realize that something could be done to prevent it.  Then it took an enormous commitment of his time and energy to muster the resources and bring dissimilar entities together to accomplish an objective that turned out to be a critical issue for many end-users,” said M3AAWG Co-Chairman Chris Roosenraad.

Grasso created the ad hoc committee based on the relationships and goodwill he had developed over his 12 years working with the Internet industry.  He persuaded large corporations to commit time and funds to notify infected customers, and convinced anti-virus vendors, Internet Service Providers and the security research community to cooperate in the project.  DCWG members include Georgia Tech, Internet Systems Consortium, Mandiant, National Cyber-Forensics and Training Alliance, Neustar, Spamhaus, Team Cymru, Trend Micro and others.

In November 2011, the FBI’s Operation Ghost Click led to the arrest of six Estonians allegedly behind the distribution of the DNS Changer malware and thought to be operating the illicit Rove Digital advertising network. The malware hijacked Internet searches and re-routed Web browsers of infected computers to fraudulent sites on Rove Digital’s network by altering the DNS settings the computers use to locate websites. Once the rogue servers were turned off, the malware-infected computers that had their settings redirected to them would not have been able to reach the Web.  

The DNS Changer Working Group was Grasso’s idea to encourage end-user remediation of the malware and to respond to the massive challenge of potentially millions of users losing access to the Web. The group helped monitor the DNS servers that were now legally operated by the Internet Systems Consortium (ISC) under a court order, and as a result, the infected users received a useful message to clean up their machines instead of suddenly dropping off the Internet. 

“The FBI recognizes the invaluable assistance the private sector and academia provided through the DNS Changer Working Group,” said Joseph M. Demarest, assistant director of the FBI’s Cyber Division.

J.D. Falk, an active member of M3AAWG and many other industry organizations, was passionate about safeguarding the Internet, end-user security and the impact of cooperative endeavors. The award named after him recognizes individuals for specific achievements that enhance the Internet experience, protect end-users, and embody his spirit of volunteerism and community building.  It is administered by M3AAWG with the support of Falk’s employer Return Path Inc. and the Falk family.

About the Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG)

The Messaging, Mobile and Malware Anti-Abuse Working Group (M3AAWG) is where the industry comes together to work against bots, malware, spam, viruses, denial-of-service attacks and other online exploitation. M3AAWG (www.M3AAWG.org) – or M3 for Messaging, Malware and Mobile ­– represents more than one billion mailboxes from some of the largest network operators worldwide. It leverages the depth and experience of its global membership to tackle abuse on existing networks and new emerging services through technology, collaboration and public policy. It also works to educate global policy makers on the technical and operational issues related to online abuse and messaging. Headquartered in San Francisco, Calif., M3AAWG is an open forum driven by market needs and supported by major network operators and messaging providers.

#  #  #

Media Contact: Linda Marcus, APR, +1-714-974-6356, LMarcus@astra.cc, Astra Communications

M3AAWG Board of Directors: AT&T (NYSE: T); Cloudmark, Inc.; Comcast (NASDAQ: CMCSA); Constant Contact (NASDAQ: CTCT); Cox Communications; Damballa, Inc.; Eloqua; Facebook; France Telecom (NYSE and Euronext: FTE); La Caixa; Message Bus; PayPal; Return Path; Time Warner Cable; Verizon Communications; and Yahoo! Inc.

M3AAWG Full Members: 1&1 Internet AG; Adaptive Mobile Security LTD; Adobe Systems Inc.; AOL; BAE Systems Detica; Cisco Systems, Inc.; Dynamic Network Services Inc.; Email Sender and Provider Coalition; Experian CheetahMail; Genius; iContact; Internet Initiative Japan (IIJ NASDAQ: IIJI); McAfee Inc.; Message Systems; Mimecast; Nominum, Inc., Proofpoint; Scality; Spamhaus; Sprint; Symantec; Trend Micro, Inc.; and Twitter.

A complete member list is available at http://www.m3aawg.org/about/roster.