DNS is the Achilles heel of the Internet – Test your DNS configuration here

Today at the national meeting of Canada’s Chiefs of Police, the Canadian Internet Registration Authority (CIRA) called on Canada’s law enforcement community to protect their domains and DNS from cyber-attacks.

“The DNS is the Achilles heel of the Internet,” said Jacques Latour, chief technology officer at CIRA. “When your DNS goes down, your website, your web applications, your email, your web services all fail. It can be devastating to an organization.”

Law enforcement agencies, because of their profile in the community, are likely targets for hackers and cyber-criminals.

//platform.twitter.com/widgets.js

The Canadian Internet Registration Authority recommends law enforcement immediately take several steps to secure their Internet infrastructure and prevent outages.

Use an Anycast DNS service: Some legacy web architectures use what is called a unicast DNS. These services offer little redundancy and leave the DNS extremely vulnerable to DDoS attack. Ensure that you have an Anycast DNS solution that can withstand attacks and keep services online.
Confirm the DNS is properly configured and includes a primary and secondary: Redundancy is important when setting up a world-class DNS configuration, and administrators should confirm that their DNS settings are configured correctly. In testing, CIRA found Canada’s DNS availability is startlingly poor, with a lack of redundancy and configuration errors causing 93 per cent of DNS servers in Canada to miss queries over a six month period. For lesser-known websites this may not be an issue, but misconfigurations could leave law enforcement open to attack.
Use a domain locking service: Any .CA domain can be locked with CIRA to prevent unauthorized changes to the domain settings. This prevents malicious actors from redirecting a domain to a new site with damaging information, a common form of cyber-attack. In 2015 the City of Ottawa’s website was redirected to an image of a dancing banana. ISIS sympathizers have also used this tactic to redirect pages to ISIS propaganda.
“As the fist-line of defence against online criminals, we need law enforcement to be leading the way on DNS security,” said Latour. “Safe and secure DNS solutions tend to be exceptionally affordable and simple to deploy. I find it troubling that many police forces do not take these simple steps to protect their online services.”

Additional resources:

Test your DNS configuration: CIRA offers a simple test that you can use to find critical errors in your DNS configuration. You can access the test for free at dnstests.cira.ca.

Get a free trial of CIRA D-Zone Anycast DNS: CIRA offers a made-in-Canada DNS solution that is ideal for Canadian organizations. IT Managers can learn more about this service with a free trial and sign-up at cira.ca.

About CIRA

The Canadian Internet Registration Authority (CIRA) manages the .CA top-level domain on behalf of all Canadians. A Member-based organization, CIRA also develops and implements policies that support Canada’s Internet community, and represents the .CA registry internationally.

 

SOURCE Canadian Internet Registration Authority (CIRA)

 

For further information:

or interview requests: Ryan Saxby Hill, Communications manager, CIRA, ryan.hill@cira.ca, 613-316-2397

This information is being distributed to you by CNW Group Ltd. 88 Queens Quay West, Suite 3000 Toronto ON M5J 0B8 http://www.newswire.ca
Please do not reply to this email. This is an outgoing message only. If you wish to stop receiving these types of messages from us, you can unsubscribe at any time.

Ces renseignements vous ont été distribués par le Groupe CNW Ltée. 88, Queens Quay Ouest, bureau 3000 Toronto, ON M5J 0B8 http://www.newswire.ca
S’il vous plaît ne pas répondre à ce courriel. Il s’agit d’un message sortant seulement. Si vous ne souhaitez plus recevoir ce type de messages de notre part, vous pouvez vous désabonner à tout moment.

© 2016 CNW Group Ltd, all rights reserved
© 2016 Groupe CNW Ltée, tous droits réservés

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s