Cybersecurity

Sponsored
by

Noteworthy

IPv6 represents new territory for most Internet stakeholders, and its rollout will introduce some unique security challenges.

Blogs

NANOG's Edward Mc Nair to Deliver Keynote Address at CaribNOG 17 in April

Edward Mc Nair will deliver the keynote address at the next regional meeting of the Caribbean Network Operators Group (CaribNOG), to be held in Bridgetown, Barbados from April 10 to 12. The featured talk will take place on Thursday 11 April at 9 am AST. A live netcast will be available. Mc Nair is the Executive Director of the North American Network Operators Group (NANOG). more

Revisiting How Registrants Can Reduce the Threat of Domain Hijacking

Recent events have shown the threat of domain hijacking is very real; however, it is also largely preventable. As Verisign previously noted, there are many security controls that registrants can utilize to help strengthen their security posture. Verisign would like to reiterate this advice within the context of the recent domain hijacking reports. Domains are an important element of internet infrastructure; their functionality and security rely upon many factors such as their delegated name servers. more

As We Head to ICANN64 in Japan, Let’s Pay Attention to National and Global Context of the Region

Soon it'll be time again for some of us to pack our bags and head for the ICANN64 meeting in Kobe, Japan. Even if you plan to stay at home, it still will be helpful to understand the national and global context in which the meeting is taking place. One way to do that is by looking at Japan's Prime Minister's Shinzo Abe recent Keynote Speech at the World Economic Forum Annual Meeting, (Jan 23rd, 2019) entitled: "Toward a New Era of "Hope-Driven Economy" more

Routing Security - Getting Better, But No Reason to Rest!

In January 2018, I looked back at 2017 to figure out how routing security looked globally and on a country level. Using the same metrics and methodology, I've recently taken a look at 2018 to see if we're making improvements. The good news is, it seems like the routing system is doing better! But there is still much work to be done. Using BGPStream.com, a great public service providing information about suspicious events in the routing system, I analyzed the number of incidents... more

Could Cybersecurity Become a New Driver for Business Transformation?

My involvement in the ICT industry over the last 40 years has always been to look at the strategic advantages that new technologies have to offer. I entered the industry through a proto-internet development called videotext. I looked at this technology, at what organisations could do with it, and assisted, for example, in the 1980s when the Commonwealth Bank introduced the world's first national online banking service called Telebank. more

Cybersecurity Is Failing Big-Time and This Is Hard to Fix

It has become clear that having a big cybersecurity war room is not enough to deliver true end-to-end security throughout the complex networks, systems and structures on which our modern society is based. Furthermore, looking at the forever changing draconian government interventions in this space, it is also obvious that they are often stabbing in the dark. more

Creating TLS: The Pioneering Role of Ruth Nelson

As often occurs in networking and cryptographic history, anecdotes and insularity conspire to mask how developments actually occurred, and seminal roles undertaken by women are forgotten or ignored. One of the notable examples of this proclivity occurred in the cybersecurity cryptology arena as it involves a critical platform known as the Transport Layer Security Protocol (TLS) and the pioneering role of Ruth Nelson. more

Why ".brands" Domains Make Sense

I receive spam on a daily basis from various Banks... as well as mine. None are legitimate but actually, that is not what is catching my attention receiving spam. There is something else and it deals with stealing information from me. Creating a personalized ".brand" domain name extension allows avoiding all that. Many are familiar with receiving spam through phishing attempts to have you answering an email and providing personal information such as login and passwords... more

CircleID's Top 10 Posts of 2018

It is once again time for our annual review of posts that received the most attention on CircleID during the past year. Congratulations to all the 2018 participants for sharing their thoughts and making a difference in the industry. more

Are We Ready to Defend Our Freedom? Book Review: "The Age of Surveillance Capitalism"

It is not often that you read a book where afterward nothing seems the same again. Like Adam Smith's The Wealth of Nations, Shoshana Zuboff's book: The Age of Surveillance Capitalism: The Fight for a Human Future at the New Frontier of Power,, puts what we do in these times into a context and gives a focus to ongoing issues of privacy and governance with regard to the Domain Name System. This is even more astonishing as the book does not even mention the DNS, the Internet ecosystem or even Internet Governance directly. more

IoT in Africa: Urgent Regulation Required

Globally, people are connecting more and more "things" to the Internet. Devices that were traditionally offline or dumb like refrigerators, cars, watches, home cameras, air condition, door locks, agriculture monitoring devices, etcetera, are now being connected to the Internet. This is referred to as the "Internet of Things" (IoT). Using sensors, IoT devices collect data of some sort, which is then most likely shared over a network connection to a service provider, where some analysis is performed on the data. more

Internet Economics

One year ago, in late 2017, much of the policy debate in the telecommunications sector was raised to a fever pitch over the vexed on-again off-again question of Net Neutrality in the United States. It seemed as it the process of determination of national communications policy had become a spectator sport, replete with commentators who lauded our champions and demonized their opponents. more

Quo Vadis ICANN?

The short history of Internet Governance is full of errors, failures, and - mainly - omissions. Despite the shortcomings, we also must acknowledge the achievements of past and present internet governance efforts. In particular, ICANN and its stakeholder constituencies have delivered on the mandate of a stable, secure and resilient Internet. Working with the IANA, IAB and IETF, the operational functions of IP addresses, and the Protocol Assignment and DNS must be seen as an unqualified success. more

5G Security Transparency

There is considerable rhetoric propagated today about 5G security. Some of the more blatant assertions border on xenophobia with vague assertions that the 5G vendors from some countries cannot be trusted and wholesale government banning is required. Existing treaty obligations are being summarily abrogated in favour of bilateral trade bullying. These are practices that the late President George H.W. Bush sought to eliminate a quarter century ago through intergovernmental organization initiatives... more

Has President Macron Thrown Multistakeholderism Under the Bus at UN IGF 2018 Paris?

Today, President Macron threw down the gauntlet to President Trump and the US administration on Multistakeholderism. In his welcome address to IGF 2018 Paris a few hours ago, President Macron challenged IGF to become more relevant by reinventing itself in factoring in multilateralism into IGF's non-decision-making body and to move beyond the mere talk-ship lip service it has been for the last 13 years. more

News Briefs

Russia to Disconnect Entirely From the Internet as Part of Cyber-Defense Measure

Cryptominers Infected 10x More Organizations Than Ransomware in 2018

US Government and Businesses Need Collaborative Procedures Against Major Cyberattacks, Warns Report

ICANN Begins Publishing Monthly Reports on Generic Top-Level Domain Security Threats

China, Russia Posing More Aligned Cyberattack Threats to the US, Says Chief of National Intelligence

Volunteer-Based Project Succeeds in Taking Down 100,000 Malware Distribution Sites Within 10 Months

An Investigation Shows How Bomb Threat Scammers Hijacked Thousands of Big-Name Domains

US Department of Homeland Security Issues Emergency Directive Ordering Agencies to Audit DNS Records

2018 Cybersecurity Venture Capital Investment Reaches Record $5.3B, Nearly Double that of 2016

China Is Building a National-Level Cybersecurity Industrial Park

A Data Dumb Exposes 773 Million Unique Email Addresses, 22 Million Passwords

Global DNS Record Manipulation, Hijacking Campaign at Massive Scale Linked to Iran

Dozens of U.S. Government Websites Rendered Either Insecure or Inaccessible Amid Government Shutdown

UK Government Releases New Cyber Security Standard for Self-Driving Vehicles

McAfee Labs 2018 Report Reveals 480 New Threats Per Minute, Sharp Increase in IoT-Focused Malware

Latest Wave of Organized Phishing Attacks Beat Two-Factor Authentication

US Tech Firm Cloudflare Accused of Providing Cybersecurity Services to Foreign Terrorist Groups

Chinese Hackers Have Infiltrated US Navy Contractors to Steal Range of Data Including Missile Plans

Criminals Using New Phishing Techniques to Hide from Victims and Investigators, Reports APWG

Hackers Behind Marriott Breach Left Clues Suggesting Link to Chinese Government

Most Viewed

Most Commented

Taking Back the DNS

Fake Bank Site, Fake Registrar

When Registrars Look the Other Way, Drug-Dealers Get Paid

Who Is Blocking WHOIS? Part 2

ICANN Complaint System Easily Gamed

Verisign Updates – Sponsor

Q2 2018 DDoS Trends Report: 52 Percent of Attacks Employed Multiple Attack Types

Verisign just released its Q2 2018 DDoS Trends Report, which represents a unique view into the attack trends unfolding online, through observations and insights derived from distributed denial of service (DDoS) attack mitigations enacted on behalf of customers of Verisign DDoS Protection Services. more

Operational Update Regarding the KSK Rollover for Administrators of Recursive Name Servers

Currently scheduled for October 11, 2018, the Internet Corporation for Assigned Names and Numbers (ICANN) plans to change the cryptographic key that helps to secure the internet's Domain Name System (DNS) by performing a Root Zone Domain Name System Security Extensions (DNSSEC) key signing key (KSK) rollover. more

Q1 2018 DDoS Trends Report: 58 Percent of Attacks Employed Multiple Attack Types

Verisign has released its Q1 2018 DDoS Trends Report, which represents a unique view into the attack trends unfolding online, through observations and insights derived from distributed denial of service (DDoS) attack mitigations enacted on behalf of Verisign DDoS Protection Services, and security research conducted by Verisign Security Services. more

DNS-Based Threats: Cache Poisoning

As DNS attacks grow in frequency and impact, organizations can no longer afford to overlook DNS security as part of their overall defense-in-depth strategy. As with IT security in general, no single tactic can address the entire DNS threat landscape or secure the complete DNS ecosystem. more

Q4 2017 DDoS Trends Report: Financial Sector Experienced 40 Percent of Attacks

Verisign has released its Q4 2017 DDoS Trends Report, which represents a unique view into the attack trends unfolding online, through observations and insights derived from distributed denial of service (DDoS) attack mitigations enacted on behalf of Verisign DDoS Protection Services and security research conducted by Verisign Security Services. more

DNS-Based Threats: DNS Reflection and Amplification Attacks

Cybercriminals recognize the value of DNS availability and look for ways to compromise DNS uptime and the DNS servers that support it. As such, DNS becomes an important point of security enforcement and a potential point in the Cyber Kill Chain for many cyber-attacks. more

Verisign Named to the Online Trust Alliance's 2017 Audit and Honor Roll

Verisign has qualified for the Online Trust Alliance's (OTA) 2017 Honor Roll for showing a commitment to best practices in security, privacy and consumer protection. This is the fifth consecutive year that Verisign has received this honor. more

Industry Updates

Afilias Joins Global Commission on the Stability of Cyberspace

i2Coalition Releases Statement On Australian Encryption Law Passing

Neustar to Acquire Verisign's Security Services Customer Contracts

Q2 2018 DDoS Trends Report: 52 Percent of Attacks Employed Multiple Attack Types

Operational Update Regarding the KSK Rollover for Administrators of Recursive Name Servers

Q1 2018 DDoS Trends Report: 58 Percent of Attacks Employed Multiple Attack Types

DNS-Based Threats: Cache Poisoning

KSK Rollover Webinar to Be Held with ECO and ICANN Tuesday, April 24th

Q4 2017 DDoS Trends Report: Financial Sector Experienced 40 Percent of Attacks

DNS-Based Threats: DNS Reflection and Amplification Attacks

Verisign Named to the Online Trust Alliance's 2017 Audit and Honor Roll

Attacks Decrease by 23 Percent in 1st Quarter While Peak Attack Sizes Increase: DDoS Trends Report

Leading Internet Associations Strengthen Cooperation

Verisign Releases Q4 2016 DDoS Trends Report: 167% Increase in Average Peak Attack from 2015 to 2016

Verisign Q3 2016 DDoS Trends Report: User Datagram Protocol (UDP) Flood Attacks Continue to Dominate

Participants – Random Selection