EU agency takes on DNS flaw

ENISA is looking at system security extensions as one way of strengthening the security of servers handling IP addresses.

The European Network and Information Security Agency (ENISA) has said it is looking at three different measures to bolster the security of the net's addressing system.

The agency, whose job it is to advise the European Union (EU) on public IT and communication security issues, said it was investigating new security measures in response to recently uncovered flaws in the internet's Domain Name Systems (DNS).

The flaws, first identified by security researcher Dan Kaminsky, were proven to be able to poison the servers that translate domain names into internet protocol (IP) addresses, with the potential to infect user PCs with malicious code or intercept and edit email.

ENISA said it is looking into three standard technologies to combat the flaws. They include Multiprotocol Label Switching (MPLS ), IPv6 and Domain Name System Security Extensions (DNSSEC).

DNSSEC, for example, is a set of DNS extensions that provide origin authentication of DNS data, data integrity and authenticated denial of existence. DNSSEC protects internet servers from domain name system attacks, e.g. DNS cache poisoning by malicious users. ENISA said several European Country Code Top Level Domain Registries have already adopted the use of DNSSEC and are actively participating in the agency's activities.

The agency added that it was looking at the potential of all three technologies to help improve the resilience, availability and integrity of the internet. It is also working with regulators, policy makers, network operators, network equipment vendors and academia to establish best practice approaches to tackling the flaws.

The agency is taking stock of existing policies and regulations used locally, across EU Member States, by operators through a series of interviews.

And, to assess the effectiveness of any potential fix and identify potential problems or gaps that arise with those fixes that could compromise the availability of networks and services, the agency will analyse the operator input, in direct consultation with all leading stakeholders, in order to develop EU guidelines.

"The recent spotlight in the news on DNS vulnerabilities and attacks highlights the importance and relevance of ENISA's work on improving the resilience of public communications, vital for European e-government and ultimately, e-business," said Andrea Pirotti, ENISA's executive director.

The final results of the agency's research will be presented at a "Resilience of Public e-Communication Networks" workshop that will take place in Brussels in November.

Featured Resources

Digital document processes in 2020: A spotlight on Western Europe

The shift from best practice to business necessity

Download now

Four security considerations for cloud migration

The good, the bad, and the ugly of cloud computing

Download now

VR leads the way in manufacturing

How VR is digitally transforming our world

Download now

Deeper than digital

Top-performing modern enterprises show why more perfect software is fundamental to success

Download now

Recommended

Microsoft spearheads industry-wide charter against AI cyber attacks
Security

Microsoft spearheads industry-wide charter against AI cyber attacks

23 Oct 2020
Weekly threat roundup: Chrome, Citrix and WordPress
Security

Weekly threat roundup: Chrome, Citrix and WordPress

23 Oct 2020
IT services giant Sopra Steria falls victim to Ryuk ransomware
Security

IT services giant Sopra Steria falls victim to Ryuk ransomware

23 Oct 2020
CMS platforms succumb to KashmirBlack botnet as businesses rush online
Security

CMS platforms succumb to KashmirBlack botnet as businesses rush online

22 Oct 2020

Most Popular

The top 12 password-cracking techniques used by hackers
Security

The top 12 password-cracking techniques used by hackers

5 Oct 2020
The enemy of security is complexity
Sponsored

The enemy of security is complexity

9 Oct 2020
What is a 502 bad gateway and how do you fix it?
web hosting

What is a 502 bad gateway and how do you fix it?

5 Oct 2020