In brief: The Internet Corporation for Assigned Names and Numbers (ICANN) – the keepers of the web’s address book – has warned that they believe there is “an ongoing and significant risk to key parts of the DNS infrastructure.”
ICANN oversees the global address book for the internet with the Domain Name System (DNS). The system takes the domain name that a user types into their browser and converts it into a unique numerical address to connect people to the websites they wish to visit. But according to an announcement on Friday from ICANN, the DNS infrastructure is being targeted by ‘malicious activity.’
In response to the attacks on DNS, ICANN are calling for full deployment of the ‘Domain Name System Security Extensions’ (DNSSEC). DNSSEC is a technology that digitally ‘signs’ data to assure its validity, and as such stops people from being maliciously redirected away from the websites they had intended to visit. It is an effective tool in helping to prevent ‘man in the middle’ attacks where fraudsters can send people to dodgy sites and trick them into revealing login credentials, payment details or other personal information.
This latest announcement from ICANN comes less than two weeks after they announced a checklist for domain registrars and sellers to help strengthen their security in the wake of attacks. And while ICANN admits that their proposed solutions, including the full implementation of DNSSEC, will not solve all the internet’s security woes, any measures taken to minimize risk should be implemented as widely as possible.
Sadly that doesn’t seem to be happening though, as DNSSEC uptake among Fortune 1000 companies is allegedly as low as three percent. Though that figure increases to 20% when adoption across the web is looked at more widely.