- eco Association provides information at the it-sa security trade fair in Nuremberg on potential threats and protection options for the Domain Name System (DNS)
- DNS-over-HTTPS whitepaper shows need for action by all providers of Internet infrastructures
Requests to the DNS (Domain Name System) – for example, calling up a website in the browser – are still frequently unencrypted. This poses security risks. In Man-in-the-Middle (MITM) attacks, for example, the attacker “listens in” on the user’s DNS requests and redirects them unnoticed to another destination, such as a fake banking website. Encrypting DNS requests is currently the only viable way to combat such attacks. Using the Hyper Text Transfer Protocol Secure (HTTPS), data can be transferred securely on the Internet between the client (web browser) and server.
The possibilities and limitations of DNS-over-HTTPS (DoH) have been discussed by a group of eco members in a discussion paper, because DNS-over-HTTPS raises both legally and technically complex issues. The paper contains background information and explanations for non-technical readers and recommendations for action to use DoH in a privacy-compliant and user-friendly manner.
Need for action for all Internet infrastructure providers
The eco Association will be providing information about the dangers and protection strategies against DNS abuse as part of the IT security trade fair it-sa from 12-14 October 2021 – both at the it-sa Expo in Hall 7 at booth number 7-502 and at the it-sa Congress on 12 October from 3pm CET onwards. In Hall 7A, International Forum B, Thomas Rickert, eco Director Names & Numbers Forum will speak on the topic. He poses the question “DNS Abuse: Fact of Fiction” and clarifies the extent of the phenomenon of DNS abuse. In doing so, he explains why the issue is of concern to all providers of Internet infrastructure and who should take steps to combat it.
“Protection against security threats and DNS abuse has always been an important concern of the eco Association and its members,” says Markus Schaffrin, Head of Member Services at the eco Association. “The public should be able to rely on the Internet and trust communication and transactions over the Internet. Therefore, providers entrusted with managing the DNS infrastructure should take steps to ensure that this public resource is secure.”
The debate around the issue of DNS abuse has been intensifying for several years. DNS abuse provides the basis for cyber attack vectors such as malware, botnets, phishing, pharming and spam. With an initiative at it-sa in Nuremberg, the eco Association wants to help objectify the discussion and clarify the roles of different intermediaries.