SIDN, the Dutch domain registry, has released a report which reports that the banking sector don’t have adequate DNSSEC security.
The DNSSEC Inventory 2017 (currently only in Dutch) describes the DNSSEC security status of the Netherlands’ most important domain names, of which the biggest offenders are the Dutch banking industry. SIDN analysed more than seven thousand domain names in four general sectors: financial services, the public sector, internet and telecom service providers, and listed companies.
Forty-six percent of all .nl domains have digital signatures. However, the banking sector (six percent) and ISPs (22 percent) are lagging behind other sectors when it comes to protecting domain names with DNSSEC.
By contrast, government bodies have made great progress in the last three years.
Roelof Meijer, CEO, SIDN, says that the migration of banking from branches and ATMs to digital channels, and the sector’s attraction to phishers and spoofers, makes its adoption of DNSSEC important.
“Banks should be the main users of DNSSEC security, but they scored for the second time in a row the worst of all investigated domains,” he says.
DNSSEC involves the cryptographic protection of domain name information. It makes the internet’s ‘signpost system’ more secure and more reliable. If a domain name is secured with DNSSEC, people who want to visit the associated website are protected against being misdirected to a fraudster’s IP address.
A previous inventory in 2014 found that financial service providers, listed companies, government organisations and internet service providers were lagging a long way behind other sectors.