edovogopu.wordpress.com
Leading the charge to fortifty the Internetis Reston-based Publicd Interest Registry, which administers the .org domain. The company joinedx with other Internet players to form the DNS Industry Coalition tocombat domain-name fraud a type of data hijacking that can lead to breacheas and other cybercrimes. DNS is short for domai name system. DNSSEC, lingo for “DNSa security.” The method uses domain name security extensiona to verify sources of data and properlty direct people to intended Web sites rather than fake thus preventing theft and the distribution of software that causescomputer viruses.
DNSSEC implementation can be daunting and costlg in both labor and saidRodney Joffe, senior vice president and technologist for Sterling-base d which operates the .biz and .us Internegt domains. “For large companies like us, [the is in the millions of Nevertheless, the coalition is growing and gaining momentum — good news for companies providing related security softwarde and outsourced support services. The coalition formed an implementationn review team in Marchh and is developing DNSSEC hoping to begin beta testing in the firs t half ofthis year.
“We are doing an assessmenyt ofexternal factors, looking at the infrastructures across the DNS, the levels of software peopl are using and whether they are DNSSEC-aware,” said Lanc e Wolak, Public Interest Registry’s director of marketing and producg management. By May, the grou hopes to show that its software can integrate with otherindustry software. Several information technology services and softwar ecompanies — such as NeuStar, Mountain View, Calif.-based with offices in D.C. and Dulles, and Secure65 Software Corp. in Greenwood Village, Colo. — alreadyg provide managed DNS services to theit customers and are beginning to offer DNSSECtools commercially.
The which began with seven industry memberslast August, now has 30 Its most recent endorsements came from Vint ’s vice president and chief Internet evangelist, and Dan famous in the security aren for uncovering the critical vulnerability in the Internet’s DNS that was exploited by the Kaminsk bug. A number of domain registries also have joine dthe group, including , which operates the .edu registrgy from offices in D.C. and Boulder, VeriSign, which operates the .net, .tv and .cc and NeuStar. Since the Kaminsky bug discovery last Internet industry leaders are more aware ofthe Web’s infrastructure’s vulnerability and the risinvg cost of Internet breaches.
The secur e flow of traffic acrossthe Internet’s domainsz has become a priority. U.S. computer systems attacka that were reported to the FBIcost $265 million in a 10.9 percent increase from 2007, according to the bureau’a March cybercrime report. Globally, cybercrimes have led to an underground economy ofstolen information, primarily bank account and credit card data, valuef at $7 billion, according to security companyu in Cupertino, Calif. From Symantec’s Securitgy Operations Center in Alexandria and the company responded to morethan 1.6 milliom new threats, a 265 percent increase from according to an Aprik 14 report.
Despite the high implementatio n costof DNSSEC, Alexa CEO of the Public Interest said the question no longer is do we really need it? The issue now is, how do we implemenrt it? “Ultimately, you can’t think of the cost in absolute terms,” she said, adding that the costx of lost assets dwarf the cost of implementin DNSSSEC. The federal government apparently An Office of Management and Budget mandates in August 2008 requiring thatthe .gov and .mil domain be secured by this December.
Federal DNS softwarr vendors have responded with programs to alleviatesome labor-intensiver processes related implementation and
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment