The keeper of the internet’s ‘phone book’ is
urging a speedy adoption of security-enhancing DNS specifications
The Internet Corporation for Assigned Names
and Numbers (ICANN) – which supervises the Domain Name System (DNS) – is urging
all DNS stakeholders to do their parts in order to enhance the security of one
of the internet’s foundations.
The
statement, adopted at an emergency meeting late last week, comes on the
heels of reports that the DNS servers for a variety of prominent targets across
the world have been subject to a rash of attacks known as DNS hijacking attacks. [To learn
more about various types of DNS-based attacks, head
over to this article.]
According to the organization that oversees
the DNS ecosystem, these incidents represent “an ongoing and significant risk
to key parts” of the system’s infrastructure. In January of this year, the
United States’ Department of Homeland Security also sounded the alarm about the attacks.
By translating human-friendly domain names to
computer-friendly IP addresses, DNS is central to the internet’s fabric. In
other words, with DNS we only need to remember the name of the site we want to
visit, rather than the relevant IP address. If the system’s security is
compromised, however, cybercriminals can, for example, divert our traffic to
any online venue instead of the intended destination, often with the aim of
stealing personal data.
To foil attacks that tamper with the DNS
infrastructure, ICANN is now urging domain owners and DNS services to deploy a
set of specifications called Domain Name System Security Extensions (DNSSEC).
At present, the implementation rate of specifications that ensure the validity
of the data by digitally signing it is less than 20 percent, according to information from APNIC.
“Although DNSSEC cannot solve all forms of
attack against the DNS, when it is used, unauthorized modification to DNS
information can be detected, and users are blocked from being misdirected,”
said ICANN.