ICANN Upgrades Internet Security System

In an effort to step up its fight against cyber crime, ICANN has upgraded its security at the very top of the domain name system

With online fraud becoming increasingly common-place on the Internet, ICANN has joined forces with the US Department of Commerce and VeriSign to strengthen security at the top of the domain name system.

According to ICANN, the upgrade will be to the technical infrastructure behind the Internet’s “phone book”, and will protect Internet users from certain forms of online fraud.

DNSSEC Approval

Essentially, the ICANN announcement is that DNSSEC (Domain Name System Security Extensions), has now officially been given the go ahead in the United States.

“A cyber criminal can steal your money or your personal data without you even knowing it. Cyber crime doesn’t respect national boundaries,” said Rod Beckstrom, President and CEO of ICANN. “This upgrade will help disrupt the plans of criminals around the world who hope to exploit this crucial part of the Internet infrastructure to steal from unsuspecting people.”

Earlier this week, a British computer expert, Paul Kane was chosen by ICANN as the key holder (or Trusted Community Representative – TCR) for Western Europe. Kane was one of seven people around the world to be issued with a key that some have said would be able to “restart the Internet”, in the event of it being knocked offline by a terrorist attack or other catastrophic event.

“With the Internet’s pervasive role in daily life expanding rapidly, finding viable solutions to cyber crime is imperative,” said ICANN. “Deployment of Domain Name System Security Extensions, or DNSSEC, at the ‘root’ of the Internet has laid the foundation for a new generation of innovative cyber security solutions by creating a global authentication platform – a common source of trust in the validity of Internet addresses.”

ICANN said that once DNSSEC is fully deployed, it will help prevent criminals from redirecting users to fake websites that can be used to perpetrate cyber crimes. It will eventually allow Internet users to know with certainty that they have been directed to the website they intended to reach in the first place.

Back in December last year, for example, the DNS (Domain Name System) settings for Twitter.com were hijacked, resulting in roughly 80 percent of the traffic from the site being redirected to a site purporting to be under the control of the Iranian Cyber Army.

Guarding the domain name system is vital, as this is where all Internet addresses are stored. Indeed, it is thought that the domain name system is consulted up to a trillion times each day by the world’s 1.8 billion Internet users.

No Silver Bullet

ICANN says that DNSSEC will specifically protect against two types of attack known as “cache poisoning” and “man-in-the-middle attacks” that can be used to distribute malicious software and commit fraud.

However it warned that DNSSEC isn’t an antidote to all Internet security problems and that users should still rely on common sense as the best way to protect themselves online.

“DNSSEC is not a silver bullet to stop every cyber crime. But it will have a real and positive impact on the security of the Internet,” said Beckstrom. “This is one important step forward in the fight against cyber crime.”