In celebration of the European Union’s Cybersecurity Month each October, ICANN is taking the opportunity to highlight the ways in which it helps make the DNS more secure for everyone by publishing a series of articles on the subject.
They highlight topics such as the Domain Abuse Activity Report (DAAR), which is a system for studying and reporting threats to the security and registration of domain names. Its main objective is to develop a robust, reliable and reproducible methodology for analyzing security threats.
A system that collects data from TLDs and complements it with security threat databases, reputation blocking list (RBL), as well as data provided by external providers and domains through different methodologies. Thus we have data coming from identified security threats such as phishing, malware, spam and botnet.
The data can be used statistically to study and report registration data or misuse by a registry. This generates monthly studies with reports that can be useful for the TLDs as well as serve as a chronological basis.
Another project, an initiative of the Office of the Chief Technology Officer (OCTO), is DNSTICR, aimed at studying domain name registries related to the COVID-19 pandemic to detect cases of malware and phishing actions. Information on how it works can be found at this link.
Among the measures taken by ICANN in maintaining a secure Internet are also the Domain Name System Security Extensions that strives for the adoption of technology that enforces authentication in the DNS with digital signatures, which allows registrants to digitally sign the information they enter into the Domain Name System.
It is very important for cybersecurity to work, that all the actors involved contribute their knowledge, so the exchange of knowledge and establishment of standards for DNS security and naming, promotes improvements in the practices in this field. To this end, ICANN supports a program, KINDNS, focused on improving DNS operational and security practices, with the collaboration of DNS operators. Its team focuses on three areas: actively promoting adoption by the operator community, soliciting and providing feedback to identify best practices, and developing self-assessment tools.
PuntoGal, as part of the Internet industry, is very involved in these network security issues, actively working and sharing experiences. Highlighting the fact that it is part of Ciber.gal, which is the Galician security node that is committed to a safe digital environment and the Global Cyber Alliance (GCA), the international organization created in 2015 to address cyber risks and make the network a safer place. The domain was the first Galician entity to join this global alliance, as part of its policy to strengthen the security of the digital environment.
Information taken from ICANN
