Just as we started the new year, the U.S. Department of Homeland Security's Cybersecurity and Infrastructure Security Agency's (CISA) issued an alert. On January 6, 2020 , they warned of domain name system (DNS) hijacking and other cyber threats that may be used by nation-state threat actors to disrupt business activity and take control of vital internet assets. A familiar refrain heard in 2019 now repeating in 2020.
While the March report from ICANN's Domain Abuse Activity Reporting system show a general reduction in second-level gTLD domain names identified as being used in phishing, malware distribution, and botnet command and control, it has been widely reported that criminals are taking advantage of the global COVID-19 pandemic by launching malicious online campaigns. There have also been numerous reports of spikes in the use of COVID-19-related domain names for DNS Abuse.
Now that we are all working from home (WFH), the need for encryption must also increase in priority and awareness. Zoom's popular video conferencing solution got in hot water because they promised "end-to-end" encryption but didn't deliver on it - prompting some organizations to ban it from use altogether. Encryption protects confidential information from being exposed in transmission, providing a secure way for the intended recipient to get the information without snooping by others.
In recent weeks we've seen a range of press articles, security blogposts and public statements addressing real or perceived issues with network capacity and the domain name system (DNS) in particular. These range from concerns about the resilience of the DNS with questions on the impact of the number of registrations to news indicating that a tidal wave of fraud and abuse is hitting the world.
I am writing to you as someone who is not your citizen, (although I had the fortune to wed the most beautiful of your daughters), to share my thoughts about the recent US Government Cyber Solarium Commission report. U.S.A. We owe you one! Without you and your citizens there would be no free Internet as we know it. Thank You! Your constitution is our inspiration. We, the global digital citizenship want to be "the people", in order to "secure the Blessings of Liberty to ourselves and our Posterity..."
In 2019 under the aegis of the Internet Governance Forum, a pilot project was conducted into the causes of and solutions for the, in general, slow deployment of internet security standards. Standards that on mass deployment make the Internet and all its users safer, indiscriminately, immediately... Recently the report 'Setting the standard. For a more Secure and Trustworthy Internet. The Identification of Pressure Points in Society to Speed up Internet Standards Deployment', was published on the IGF website.
The novel coronavirus outbreak (COVID-19) has prompted many organizations in Mainland China and Hong Kong to execute their business continuity plan (BCP). During the last epidemic in 2003, the SARS outbreak lasted for nine months – and with an infection rate that is increasing rapidly, this new coronavirus has the potential to cause prolonged periods of commercial disruption, and heavy reliance on BCPs.
How can you use the latest open Internet standards to make web servers as secure and as fast as possible? How can you ensure your web site is available to everyone across the global network of networks? Please join me on Wednesday, February 26, 2020, from 13:00 – 14:00 UTC in our first InterCommunity 2020 event to learn about the Internet Society's new "Open Standards Everywhere" project.
The ICANN Security and Stability Advisory Committee (SSAC) and the Internet Society Deploy360 Programme are planning a DNSSEC and Security Workshop during the ICANN67 meeting held from 07-12 March 2020 in Cancun, Mexico. The original DNSSEC Workshop has been a part of ICANN meetings for many years and has provided a forum for both experienced and new people to meet, present, and discuss current and future DNSSEC deployments.
The domain name system (DNS) grew to prominence during the initial, innocent days of the internet. During that time, early internet users tended to work for government or education organizations where trust was assumed, and security was not even a consideration. Since the online community was small and the internet was sparsely used, the importance of DNS was not widely understood, and as a consequence, left undefended.