A critical internet security update involving the renewal of cryptographic keys protecting web domain names has been halted due to some internet service providers and firms not being ready.
The Internet Corporation for Assigned Names and Numbers (ICANN), a Doman Name System, stood in the way of this update going ahead on the 11th of October, believing that tens of millions could potentially lose net access if the change went ahead.
Users of a secure DNS called DNS SEC have been the target of updates to cryptographic keys, but many organisations have been found to operating without being properly updated.
ICANN has resorted to reaching out to the unprepared internet service providers to make sure they are on track to successfully complete the internet security update without depriving people of net access. Now that the update will no longer take place on the 11th of October this year, a guideline of March 2018 has been provided.
As reported by the BBC, Goran Marby, head of ICANN, said: “It would be irresponsible to proceed with the roll [out] after we have identified these new issues that could adversely affect its success and could adversely affect the ability of a significant number of end users.”
This update is of great importance, with around 750 million people reliant on the information from DNS SEC servers, looking to benefit from the heightened security they provide from hackers and other online criminality.
According to the recent 2017 Global DNS Threat Survey Report from EfficientIP, 19% of public sector sites affected by DNS attacks said that sensitive information had been stolen.
A colossal 76% of all of the survey respondents were hit by at least one DNS attack in the last year, and a substantial 28% of this group experienced having data stolen. This highlights the prominence of DNS attacks, and how vital it is that internet service providers and organisations are in a position to receive the critical update.
This article is from the CBROnline archive: some formatting and images may not be present.