. home.aspx



ICANN: We Need DNSSEC Everywhere to Combat Hackers

February 25, 2019 / Phil Muncaster

ICANN has called on Domain Name System (DNS) stakeholders to urgently improve security across all domains to combat a growing threat from attackers. It wants DNS Security Extensions (DNSSEC) to be rolled out worldwide across all unsecured domain names in response to a wave of new DNS hijacking attacks blamed on Iran. In these attacks, the hackers used compromised credentials or other means to gain unauthorized access to registrars and other infrastructure providers. They then changed DNS records, replacing the addresses of intended servers with those of machines controlled by the attackers, diverting unwitting netizens. “This particular type of attack, which targets the DNS, only works when DNSSEC is not in use. DNSSEC is a technology developed to protect against such changes by digitally 'signing' data to assure its validity,” explained ICANN. “Although DNSSEC cannot solve all forms of attack against the DNS, when it is used, unauthorized modification to DNS ...