Saturday, July 6, 2013

ICANN makes business case for DNS


NIRA president Mary Uduma, some guests,AfICTA president Jimson Olufuye and Rick Lamb of ICANN
The Internet Corporation for Assigned Names and Numbers (ICANN) has made a business case for the Domain Name System (DNS), saying it should be seen as part of all Information Technology (IT) ecosystems.

Making this known to DigitalSENSE Business News in Lagos recently was the Senior Programme Manager at ICANN on DNSSEC, Mr. Richard Lamb, while addressing the Domain Name System Security Extension (DNSSEC) held at the Digital Bridge Institute (DBI) Lagos campus as part of the ICANN roadshow hosted by the Nigeria Internet Registration Association (NIRA) and Africa ICT Alliance (AfICTA).

He noted that DNSSEC is a suite of Internet Engineering Task Force (IETF) specifications for securing certain levels of information provided by the Domain Name System (DNS) as used on Internet Protocol (IP) networks.

He said that the bad news so far on DNS was that the purported ‘biggest cybercriminal takedown in history’ which occurred involving some 4 million machines, 100 countries to the tune of $14M, about N645.5 million.

He pointed out consequently, a Brazilian Internet Service Provider (ISP) fall victim to a series of DNS attacks.

Other DNS hijacks known in history included that of  April 28, 2009 which saw Google Puerto Rico sites redirected in DNS attack  and on May 9, 2009, which witnessed the Morocco temporarily seizure of Google domain name.

Also of note, he said were the 25 Dec 2010 incident of Russian e-Payment Giant ChronoPay hacked; 18 Dec 2009 – Twitter – “Iranian cyber army” ; 13 Aug 2010 - Chinese gmail phishing attack and 25 Dec 2010 Tunisia DNS Hijack  to name a few.

However, Lamb said, the good news was that securing DNS with DNSSEC is very crucial to ICANN and global Internet community.

The business case for DNSSEC, he said, is that cyber security has become a greater concern to enterprises, government, and end users, describing it as a key tool and differentiator.

“DNSSEC is the biggest security upgrade to Internet infrastructure in over 20 years. It is a platform for new security applications; for those that see the opportunity,” he said.

DNSSEC infrastructure deployment, Mr. Lamb noted, has been brisk but requires expertise, adding that getting ahead of the curve is a competitive advantage.

According to him, DNSSEC interest from governments, showed that Africa is not yet there let alone Nigeria, but in the main time, countries like Sweden, Brazil, Netherlands, Czech Republic and others have encouraged DNSSEC deployment to varying degrees.

Whereas, as at March 2012 some private sector concerns including AT&T, CenturyLink (Qwest), Comcast, Cox, Sprint, TimeWarner Cable, and Verizon pledged to comply and abide by the United States Federal Communications Commission (US-FCC) recommendations that include DNSSEC.

Just as recent report by Gartner found 3.6 million Americans getting redirected to bogus websites in a single year, which cost was placed at $3.2 billion.

IT departments of every organization, he advised, should pick interest in DNSSEC by knowing about it, lamenting, however that in some cases they claim too busy putting out other fires.

Registrars and Domain Name System (DNS) providers, he advised to look beneath to see the business opportunity rather than waiting for when demands could lead to “chicken-and-egg” problems.

Opportunity in the new security products, he said, increases trust in e-commerce, improves web SSL and certificates for all, thereby securing Voice over Internet Protocol (VoIP) and electronic mails (e-mail) via Secure cum Multipurpose Internet Mail Extensions (S/MIME), which is a standard for public key encryption and signing of MIME data, for the benefit of all, among others.

Remmy Nweke/DigitalSENSE Business News
... Making SENSE of digital revolution!

No comments: