Security

Noteworthy

 IPv6 represents new territory for most Internet stakeholders, and its rollout will introduce some unique security challenges.

Blogs

Final Day to Give Input on "Future of the Internet" Survey

Today, June 26, is the final day that you can help the Internet Society with its "Future of the Internet" survey. It takes about 20-25 minutes and will help my colleagues at the Internet Society develop a number of scenarios about the possible future of the Internet. These scenarios can help all of us in talking to policy makers, leaders, media and the general user population about the choices we have before us for the future of the Internet. more»

The Value of Openness for Building Tomorrow's Digital Economy - Reflections on the OECD Ministerial

Yesterday marked the last day of the OECD Ministerial Meeting on the Digital Economy, but also the culmination of a week where the need for an open and trusted Internet has been the main message from all stakeholders. Back in 2008, the OECD was one of the first intergovernmental organizations to open its discussions to the wider Internet community. more»

ICANN 56 in Helsinki - Schedule of DNSSEC Activities

The ICANN 56 meeting takes place in Helsinki, Finland, from June 27-30 and while it is a smaller "policy forum" style of meeting, there will still be some activities related to DNSSEC, DANE and DNS security in general. DNSSEC Workshop The DNSSEC Workshop will take place on the morning of Monday, 27 June 2016. All times are Eastern European Summer Time (EEST), which is UTC+3. more»

Which Direction Will the Internet Go? Take Our Survey and Help Us Explore the Forces at Work

In the past seven years, the number of people online has essentially doubled, from 1.7 billion in 2009 to about 3.4 billion today. New and innovative services have also emerged and people and companies around the world are using the Internet in ways barely imagined at the turn of the decade. Looking ahead to the next five to seven years, there are many forces at work that could have a significant impact on the Internet. more»

Who Is Responsible for Your Application's Security?

The dividing line between developers and IT operations used to be distinct. Developers were responsible for adding new features securely, but it was IT operations who had responsibility for infrastructure and network security. For the most part, developers didn't have to think too much about the wider security context. With the advent of the cloud, and of devops, things changed radically. more»

Ethical Hacking: Turning The Tables to Boost Cyber Security

Hacking remains a huge problem for businesses. As noted by MarketWatch, more than 175 data breaches have already happened this year, and in 2015 approximately 105 million adults in the United States had their personal information stolen. For companies, the stakes are huge: Compromised systems not only damage the bottom line but can severely impact public opinion. more»

Internet Society Activities at EuroDIG 2016: Trust, Collaborative Security, Zero Rating and More…

Over the next two days (9-10 June), the European Dialogue on Internet Governance (EuroDIG) takes place in Brussels, Belgium. With a theme of "Embracing the digital (r)evolution", EuroDIG has a full agenda and Internet Society staff will be participating in many aspects of the programme. For us, a primary focus will be at 11:30 CEST (UTC+2) on Thursday, June 9, when our President and CEO Kathy Brown opens the first Plenary with a keynote speech. more»

May 31 Deadline for $517,000 US in Internet-related Grants in Africa and Asia Pacific

If you are located in Africa or the Asia Pacific region, this coming Tuesday, May 31, is the application deadline for an excellent series of grants related to Internet infrastructure, development, security and education. I just wrote about the Internet Society Cybersecurity Grant for up to $56,000 AUD (roughly $40K USD) in the Asia Pacific region... but it is part of a larger set of grants that all have a deadline of May 31. more»

Join An Online Dialogue About Encryption - Wednesday, May 25, at 13:30 UTC

What are your concerns around encryption? What questions do you have about the legal, technical and policy aspects of the increasing use of encryption? How does encryption help bring about a higher level of trust in the Internet? On Wednesday, May 25, the Internet Society and its Greater Washington, DC Chapter are hosting an "Online Dialogue About Encryption" to discuss all these questions and many more. more»

We Need You: Industry Collaboration to Improve Registration Data Services

For more than 30 years, the industry has used a service and protocol named WHOIS to access the data associated with domain name and internet address registration activities... The challenge with WHOIS is that it was designed for use at a time when the community of users and service operators was much smaller and there were fewer concerns about data privacy. more»

Is the Internet Fragmenting? Join the Discussion Live - Tuesday, May 10, at 3:30pm US EDT

Is the global, open Internet moving away from a network of networks that is universally accessible to a series of networks fragmented along policy, technical or economic lines? As some governments pass laws related to data localization and restriction of cross-border data flows, what will the impact be? What about the increasing use of DNS and content filtering? What other factors have the potential for causing fragmentation? more»

Increasing the Strength of the Zone Signing Key for the Root Zone

One of the most interesting and important changes to the internet's domain name system (DNS) has been the introduction of the DNS Security Extensions (DNSSEC). These protocol extensions are designed to provide origin authentication for DNS data. In other words, when DNS data is digitally signed using DNSSEC, authenticity can be validated and any modifications detected. more»

Writing the Next Chapter for the Historic One-Time Pad

The OTP, or One-Time Pad, also known as the Vernam cipher, is, according to the NSA, "perhaps one of the most important in the history of cryptography." If executed correctly, it provides uncrackable encryption. It has an interesting and storied history, dating back to the 1880s, when Frank Miller, a Yale graduate, invented the idea of the OTP. Communication was expensive and difficult in the age of telegrams, and few messages were easily encrypted. more»

Cybersquatting & Banking: How Financial Services Industry Can Protect Itself Online (Free Webinar)

Businesses in the financial services sector are among the most frequent targets of cybersquatters. In this free webinar, I will be joining Craig Schwartz of fTLD Registry Services to provide important information about how domain name fraud is affecting the financial services industries, including banking and insurance, and what businesses and consumers can do to protect themselves online. more»

Internet Governance in Transition: The ITU as a Battleground for Rival Visions

During the past few years, the International Telecommunication Union (ITU) has been a battleground where governments promote rival visions of how the Internet should be governed. Although there has been a recent cease-fire as Internet governance debates have focused more on the role of ICANN, those skirmishes may soon restart at the ITU... Co-authored by Ambassador Gross (chair of Wiley Rein's International & Internet Practice), Carl R. Frank, Umair Javed, and Sara M. Baxenberg (members of Wiley Rein's Telecom, Media & Technology Practice). more»

News Briefs

US Ramping Up to Defeat Terrorism Online

Brexit v. EU: Cybersecurity Stakes too Hight for UK to Take an Isolationist Approach

NASCAR Team Pays Ransomware Fee to Recover Its Critical Files

GCIG Releases Final Report, 'One Internet'

Neustar Announces Intention to Separate Into Two Independent and Publicly Traded Companies

Nearly 1 Million IP Addresses Used by Attackers on a Single Target

Corporate Email Phishing Scams Result in $3.1B Loss, Near 1300% Increase in 18 Months

Cisco Issues Hight Alert on IPv6 Vulnerability, Says It Affects Both Cisco and Other Products

Fed Records Indicate Over 50 Cybersecurity Breaches Since 2011, Some Flagged as "Espionage"

IPv6 Will Change the Face of Email Filtering, Says Report

Security Firm Recovers Over 272 Million Stolen Credentials from a Collector

Cybercriminals Continuing to Exploit Human Nature, Increasing Reliance on Ransomware, Study Finds

Google Launches Project to Track Encryption Efforts - Both Internally and at Other Popular Sites

Bangladesh Central Bank Governor Quits Amidst One of the Largest Cyber Heists

Head of UK Intelligence Agency Says Tech Companies Should Provide a Way Around Encryption

Repeat DDoS Attacks the Norm in Q4 2015, 24 Attacks per Target on Average

Approach IoT With Security in Mind, Says AT&T Chairman

Large Volume of DNSSEC Amplification DDoS Observed, Akamai Reports

GNU C Library Found Vulnerable to Rogue DNS Server Attacks

Obama Proposes $19 Billion for Cybersecurity in Final Budget Plan

Most Viewed

Most Commented

Taking Back the DNS

Fake Bank Site, Fake Registrar

When Registrars Look the Other Way, Drug-Dealers Get Paid

Who Is Blocking WHOIS? Part 2

Not a Guessing Game

Verisign Updates – Sponsor

Verisign Named to the Online Trust Alliance's 2016 Honor Roll

Verisign is pleased to announce that it has qualified for the Online Trust Alliance's (OTA) 2016 Honor Roll for showing a commitment to best practices in security, privacy and consumer protection. ›››

Verisign Q1 2016 DDoS Trends: Attack Activity Increases 111 Percent Year Over Year

Verisign today released its Q1 2016 DDoS Trends Report, which provides a unique view into online distributed denial of service (DDoS) attack trends from mitigations enacted on behalf of customers of Verisign DDoS Protection Services and research conducted by Verisign iDefense Security Intelligence Services. ›››

Resilient Cybersecurity: Dealing with On-Premise, Cloud-Based and Hybrid Security Complexities

Having a tightly integrated security framework is more critical than ever as cyber-attacks grow and enterprises employ a variety of on-premise and cloud-based computing services to deliver applications. ›››

Verisign Releases Q4 2015 DDoS Trends - DDoS Attack Activity Increasing by 85% Year Over Year

Verisign has just released its Q4 2015 DDoS Trends Report, which provides a unique view into online distributed denial of service (DDoS) attack trends from mitigations enacted on behalf of customers of Verisign DDoS Protection Services and research conducted by Verisign iDefense Security Intelligence Services. ›››

The Framework for Resilient Cybersecurity (Webinar)

A shift in security architecture is needed, to an open platform where devices and services from different vendors can share, and act, on threat intelligence information, all in concert and in the proper context. Join Ramakant Pandrangi, Vice President of Technology, and learn how to assist with designing a resilient security ecosystem by maximizing an API-centric approach. ›››

Verisign Mitigates More Attack Activity in Q3 2015 Than Any Other Quarter During Last Two Years

As part of our efforts to support National Cyber Security Awareness Month by sharing the latest cybersecurity research, Verisign released its Q3 2015 DDoS Trends Report, which represents a unique view into attack trends unfolding online for the previous quarter. ›››

Verisign & Forrester Webinar: Defending Against Cyber Threats in Complex Hybrid-Cloud Environments

Attend to learn some of the new tools and techniques to secure availability of applications in hybrid-cloud environments. ›››

Industry Updates

Participants – Random Selection