Meet Nameshield at it-sa from 10th to 12th October 2023 in Nuremberg, Germany

Meet Nameshield from 10th to 12th October in Nuremberg at a new edition of it-sa, the must-attend meeting of the IT security sector!

As the “Home of IT Security”, it-sa stands for a comprehensive range of information as well as networking and knowledge exchange on the topics of data protection and IT security.

The three-day programme includes talks, workshops, discussion panels, one-to-one meetings and opportunities for networking…

Meet us on site: Hall 7, Stand 7-214, in cooperation with eco, the Association of the Internet Industry.

Talk with our team and discover our global solutions that meet your DNS security requirements. Discover our product for the high availability of your strategic domains: “DNS Bastion”.

For more information, visit the event website: https://www.itsa365.de/

New document available on Nameshield’s website: “5 minutes to understand – The protection of your domain names”

The domain name is the first link between the web user and your website. It is thanks to the domain name that you are found on the Internet, that you are visible, that your identity is displayed and that you develop your business online. It is a digital asset of your business.

The management and configuration of these domain names usually require access to a management interface. The absence of a security policy can have dramatic consequences.

In this “5 minutes to understand” document, available for download on Nameshield’s website, you will find practical solutions to secure your access.

FIC 2020 – Nameshield’s DNS Premium labelled France Cybersecurity once again

During the 12th edition of the International Cybersecurity Forum (FIC), the major event in cybersecurity and digital confidence, which is currently taking place from January 28 to 30 in Lille, Nameshield was once again awarded the France Cybersecurity Label for its DNS Premium solution.

Nameshield’s DNS Premium labelled France Cybersecurity
8th Edition of the France Cybersecurity Labels ceremony, January 29, 2020

The DNS is at the heart of companies’ critical services: Internet, email, applications…

Exposed more and more frequently to attacks such as DDoS, Man in the Middle… it must remain available.

Nameshield’s DNS Premium is the solution that meets DNS protection needs with a redundant, ultra-secure infrastructure offering all the key DNS services (anycast, DDoS protection, DNSSEC, statistics…).

The DNS Premium solution, labelled France Cybersecurity, thus allows its users to protect their digital assets from any attack and ensures high availability of their Internet services.

France Cybersecurity Label, the guarantee of a certain level of quality in terms of cybersecurity

As a reminder, the France Cybersecurity label is the guarantee for users that Nameshield’s products and services are French and possess clear and well-defined functionalities, with a certain level of quality in terms of cybersecurity, verified by an independent jury.

It meets several needs and objectives:

  • Raise awareness among users and international ordering parties regarding the importance of the French origin of a Cybersecurity offer and its intrinsic qualities;
  • Certify to users and ordering parties the quality and functionalities of labelled products and services;
  • Promote French cybersecurity solutions and increase their international visibility;
  • Increase their overall use and the users’ security level.

This label is governed by a committee composed of representatives gathered in 3 colleges:

  • College of officials: representatives from the “Direction Générale de l’Armement” (DGA, the French Government Defense procurement and technology agency), the “Direction Générale des Entreprises” (DGE, the French Directorate General for Enterprise within the Ministry of Economy, Industry and Digital), and the “Agence Nationale de la Sécurité des Systèmes d’Information” (ANSSI, the French National Cybersecurity Agency).
  • College of industrials: representatives from the “Alliance pour la Confiance Numérique” (ACN – Alliance for digital confidence) and HEXATRUST.
  • College of users: representatives from groups of users, such as: CIGREF, GITSIS, CESIN, CLUSIF ISSM space.

Nameshield, a 100% French company certified ISO 27001 on all its registrar activity, was able to provide all the necessary guarantees to obtain the France Cybersecurity Label for its DNS Premium offer, which illustrates its commitment to always provide the best services and standards regarding cybersecurity.

For more information on our labelled solution DNS Premium, please visit Nameshield’s website.

The financial industry, the target of more and more costly attacks on the DNS

Financial services companies are particularly affected by cyberattacks. They hold a wealth of information on their customers, protect their money and provide essential services which must be available day and night. They are a lucrative target. Among the favored lines of attack: the DNS.

Efficient IP’s annual Global DNS threat report shows constant growth in the number of DNS attacks and in their financial impact, with an average financial loss of 1.2 million euros in 2019. This amount was estimated at 513 000€ in 2017 and 806 000€ in 2018.

All industries are affected by cyberattacks (82% of the companies surveyed have been affected and 63% have suffered a traffic disruption), but the financial industry pays a heavier price, with 88% impacted. Conducted among 900 people from nine countries in North America, Europe and Asia, the study indicates that financial companies suffered 10 attacks on average during the last 12 months, i.e. an increase of 37% compared to last year.

The increase in costs is only one of the consequences of DNS attacks for the financial services industry. The most common impacts are cloud service downtime, experienced by 45% of financial organizations, and internal application downtime (68%). Furthermore, 47% of financial companies have been the victims of fraud through phishing attacks targeting the DNS.

The survey clearly shows that the security measures implemented to secure the DNS are insufficient. The delay in applying security patches is a major problem for the organizations of this industry. In 2018, 72% of the interviewed companies admitted that they needed 3 days to implement a security patch in their systems, 3 days during which they are exposed to attacks.

Only 65% of financial institutions use or plan to integrate a trusted DNS architecture; they always seem to be late and insufficiently aware of the risks associated with this central point of their infrastructure. Threats on the DNS are constantly evolving, and the attacks are numerous and complex. It is essential to react quickly to better protect yourself.

Industry, trade, media, telecom, health, education, government, services… many other sectors are affected by these attacks. Some solutions exist. ANSSI publishes every year a guide of good practices regarding DNS resilience, which details many recommendations for protecting yourself: relying on an Anycast network; having a protection system against DDoS attacks; monitoring DNS traffic and having a team able to take action quickly; having an efficient security policy… These are all measures essential to the resilience and efficiency of the DNS network against attacks that are damaging in terms of both finances and image.

Let us hope to see better figures at last in the 2020 report.

Nameshield signs the Paris Call in order to actively contribute to the Internet’s stability

Just one year ago, in the context of the first Paris Peace Forum, the French President, Emmanuel Macron, launched the Paris Call for Trust and Security in Cyberspace. This call is a political declaration that aims to express a mobilization for stability in cyberspace and strengthens the efforts of the international community and of the many actors involved in digital security issues. The text recalls some principles that we think are fundamental, like the application of international law and human rights in cyberspace. It also highlights the need for a multi-stakeholder approach to create standards that will allow us to fully benefit, i.e. in a reliable and secure way, from the opportunities provided by the digital revolution.

Lastly, the Paris Call promotes strengthening the security of digital products and services, such as those we use in our daily lives. In that sense, the text aims to prevent cyberattacks perpetrated by malicious actors, which threaten all users of cyberspace.

Aware that our society’s development, on the economic, cultural and democratic fronts, requires strengthened trust in the information that flows through the Internet, Nameshield, which has worked for 25 years to protect the digital identity of its clients (companies, local authorities and administrations) through the use of their domain names, wished to join this initiative and sign the Paris Call.

Its job consists in ensuring the integrity and resilience of the identity of individuals and organizations on the Internet, represented today by the domain name. By strongly protecting the data on domain name identity cards (Whois) and by providing a high-availability, high-performance service through the associated Domain Name System (DNS), Nameshield contributes to a large extent to the second principle of the Paris Call, “Protect the Internet”: prevent activity that intentionally and substantially damages the general availability or integrity of the public core of the Internet.

The cornerstone of the Web, the Domain Name System (DNS) serves as the Internet’s directory. This protocol translates a domain name into an IP address, based on a database distributed across thousands of machines. If the DNS went down because of data corruption or a denial-of-service attack, all your websites and emails would become inaccessible, which is completely unthinkable nowadays! The DNS must be protected and must stay highly available.

The DNS is a protocol created in the 1980s, and security flaws in its usual functioning have been identified since its creation. That is why a new secured protocol, DNSSEC, has been developed to ensure the authenticity of the exchanges through a certified signature. Other solutions can complete the resilience of your identity on the Internet: the registry lock, SSL certificates

The security solutions proposed by Nameshield, an independent French company that stores its data in France, possesses its own resilient anycast DNS infrastructure and is certified ISO 27001 on all its domain name activity, are compliant with the ANSSI recommendations on good practices for the acquisition and operation of domain names.

In the context of the 2nd Paris Peace Forum, the Ministry of Foreign Affairs wished to illustrate the second principle of the Paris Call, “Protect the Internet”, by highlighting the services proposed by Nameshield. The company is proud to be able to collaborate, at its level, with the actors involved in digital security issues in order to make the Internet more reliable and thus contribute to the security of cyberspace.

https://pariscall.international/en/principles

Soon a maximum duration of one year for SSL certificates?

What is happening?

Industry actors plan to reduce the lifetime of SSL/TLS certificates, which enable the HTTPS display in browsers, to 13 months, i.e. almost half of the present lifetime of 27 months, in order to improve security.

Google, through the CA/Browser Forum, has indeed proposed this modification, approved by Apple and a Certification Authority, making it eligible for a vote. If the vote is accepted during the next CA/B Forum meetings, the modification of the requirements will come into effect in March 2020. Any certificate issued after the date of entry into force will have to respect the shortened validity period.

The aim of this reduction is to complicate things for cyber attackers by reducing the period during which potentially stolen certificates can be used. It could also force companies to use the most recent and most secure encryption algorithms available.

If the vote fails, it cannot be ruled out that the browsers supporting this requirement will implement it unilaterally in their root programs, thus forcing the change on the Certification Authorities. This is likely to be the case: the change follows Google’s previous initiative, which aimed to reduce the lifespan from three years to two years in 2018, at which time Google already wished to reduce it to 13 months or even less.

Who is impacted?

The changes proposed by Google would have an impact on all users of publicly trusted TLS certificates, regardless of the Certification Authority that issued the certificate. If the vote passes, all certificates issued or reissued after March 2020 will have a maximum validity of 13 months. Companies using certificates with a validity period longer than 13 months will be encouraged to reconsider their systems and evaluate the impact of the proposed modifications on their implementation and use.

TLS certificates issued before March 2020 with a validity period longer than 13 months will remain operational. Public non-TLS certificates for code signing, private TLS certificates and client certificates, etc. are not affected. It will not be necessary to revoke an existing certificate following the implementation of the new standard. The reduction will have to be applied at renewal.

What do the market players think about this?

It would be a global change for the industry, with impacts on all the Certification Authorities. They view this proposal in a negative light. We can see an economic interest above all, but not solely…

The main argument is that the market is not ready in terms of automated systems for ordering and installing certificates. Indeed, there would be more human intervention, with the associated risks of mishandling, or simply a higher risk of forgetting a certificate renewal.

For Certification Authorities, reducing the certificates’ lifespan to such a short term mainly means an increase in the human costs related to certificate portfolio management. While they are not fundamentally against this decision, they would particularly like more time to study what users and companies think.

The position of browser makers

For Google and Mozilla alike, the spearheads of the massive adoption of native HTTPS for all websites and supporters of the Let’s Encrypt initiative, what is important is the encryption of all web traffic. A reduction of the certificates’ lifespan reduces the risk of certificate theft over a long period and encourages the massive adoption of automated management systems. For these two actors, an ideal world would have certificates with a maximum lifespan of 3 months. While they are attentive to the market so as not to impose their views too quickly, it is more than likely that in the long term the certificates’ lifespan will continue to decrease.

Nameshield’s opinion

The market continues to move towards ever shorter certificate validity, along with a continual decrease in authentication levels, and consequently a growing need for automated management solutions. We will align with these requirements and advise our customers to prepare for this reduction, which will undoubtedly arrive. Our Certification Authority partners will also follow this evolution and will provide all the required permanent inventory and automation systems.

To be heard

The CA/Browser Forum accepts comments from external participants and all discussions are public. You can submit your comments directly to the Forum distribution list: https://cabforum.org/working-groups/ (at the bottom of the page). Nameshield is in contact with CA/Browser Forum participants and will inform you of future decisions.

NBA: Phishing doesn’t spare sports institutions

Last May 10th, in a press release, Pacers Sports & Entertainment (PSE), the organization that owns the NBA basketball team the Indiana Pacers, revealed that it had been the victim of a sophisticated phishing attack at the end of 2018.

As a reminder, phishing is a technique used to obtain personal information in order to commit identity theft. It is a “social engineering” technique, i.e. one that exploits not an IT flaw but a “human flaw”, by deceiving web users through an e-mail that seems to come from a trustworthy company, typically a bank or a business website.

Pacers Sports & Entertainment victim of a phishing attack

At the end of 2018, PSE was the target of a phishing email campaign that resulted in unauthorized access to emails containing personal information related to a limited number of individuals.

This cyberattack affected a limited number of individuals, but the amount of stolen information is significant: name, address, date of birth, passport number, driver’s license, state identification number, account number, credit/debit card number, digital signature, username and password and, for some individuals, the Social Security number.

The American company quickly implemented measures to secure the affected email accounts and investigated the incident with the assistance of forensic experts. This investigation revealed that the hackers had access to the accounts of a limited number of persons between October 15th and December 4th, 2018. The press release doesn’t give any details regarding the identity of the targeted persons.

PSE individually notified each victim whose information had been stolen and assures that “to date, PSE has no evidence of actual or attempted misuse of any personal information”. The organization offered the victims of the cyberattack access to credit monitoring and identity protection services at no cost.

Some simple rules against phishing

Phishing attacks are increasing. Above all, they are becoming more and more sophisticated, and target all kinds of industries. Each and every one of us must be extra vigilant.

Lastly, as a reminder, here are some simple rules to protect yourself against phishing attempts:

  • Do not reply when someone asks for your personal data by email;
  • Do not ever open an attachment from an unknown sender, or from one who is not entirely trustworthy;
  • Check the links by hovering the cursor over them (without clicking) to ensure that they link to trustworthy websites;
  • Do not trust the name of the mail’s sender. If there is any doubt, contact the sender through another method.

ANSSI annual report – The 5 cyber threats observed in 2018

On April 15, 2019, ANSSI (the National Cybersecurity Agency of France) unveiled its annual report during a press conference. For 2018, the agency identified 1869 alerts, 391 incidents not counting operators of critical importance, 16 major incidents and 14 cyber defence operations. ANSSI also identified 5 major trends in terms of cyber threats observed in France and in Europe in 2018.

Analysis of cyber threat in 2018 – The 5 major trends

1. Cyber-espionage

A major concern for ANSSI in 2018, cyber-espionage represents, according to the agency, the highest risk for organizations.

Extremely discreet and benefiting from significant financial resources, the attackers plan highly targeted and highly sophisticated attacks over many years. In 2018, it was noted that cyber attackers are increasingly interested in vital activity sectors and specific critical infrastructures such as the defence, health or research sectors.

2. Indirect attacks

According to ANSSI, indirect attacks increased significantly in 2018. Indeed, to avoid the security measures implemented by big companies, which are more and more aware of the cyber risk, the attackers target intermediaries, like providers, who are more vulnerable, to reach their final targets.

Compromising one partner is enough to reach many companies. So it is essential to choose partners that place their information system’s security at the top of their concerns.

3. Destabilization and influence operations

Because of the nature of the targets and the claims, these attacks, though technically moderate, often have an important symbolic impact. An increase was observed in 2018.

4. Cryptojacking

As a reminder, cryptojacking is a cyberattack that consists in using the computing power of the victim’s machine to mine cryptocurrency.

In 2018, many attacks of this kind were observed. Increasingly organized attackers take advantage of security flaws to compromise their victims’ equipment by installing cryptocurrency miners without their knowledge.

5. Online frauds

Online frauds represent a constant cyber threat for companies and big organizations as much as for individuals. ANSSI noted an important growth of online frauds last year. Big operators are becoming more concerned about cybersecurity, so the attackers turn towards targets that are less exposed but more vulnerable, like territorial authorities or actors in the health sector, which were thus the targets of many phishing attacks in 2018.

Conclusion

The multiplicity and the magnitude of the attacks observed during 2018 prove that it is essential to implement security measures to prevent these cyber threats, within big organizations and big groups as well as small companies.

“The conclusion is clear: 2018 proves once again that digital risk, far from being ethereal, must be at the heart of our concerns. Not only those of ANSSI! The cyberattacks affect all of society. That is why we must all seize the matter.” explains Guillaume Poupard, ANSSI’s General Director.

Cybersecurity overview – CESIN’s barometer

The CESIN (Club of Information and digital security experts) has just published the fourth edition of its annual barometer, conducted with OpinionWay among its 174 members, 84% of whom are CISOs (Chief Information Security Officers) of big French companies. This annual study helps to better define the perception and reality of cybersecurity and its issues within the companies which are members of CESIN.

The most common cyberattacks and their impacts

During the last twelve months, although the number of attacks tends to stabilize, 80% of the interviewed companies have been the victims of at least one cyberattack, and the consequences on the business (stopping of production, unavailable website, revenue loss…) are more important than in 2017.

Each year, companies face five kinds of cyberattack on average.

Among the attacks suffered, phishing is the most frequent with 73% of companies affected, followed by the “Fake President” fraud with 50% of the respondents affected, then in third position ransomware and malware infection.

Regarding cyber risks, Shadow IT is the most frequently encountered: 64% of the interviewed CISOs consider it a threat to deal with. Indeed, the implementation and use of non-approved and often free applications can escape the control of the Information systems department.

Cloud and IoT: the impact of the digital transformation on the security of Information systems

For 98% of the companies, digital transformation has a real impact on the security of Information and data systems and increases the cyberattacks’ perimeter, particularly through the extensive use of Cloud, used by 87% of the companies, of which 52% store their data in public Clouds.

This use of Cloud represents an important risk because of the lack of control over the hosting provider’s access to the company’s data (through administrators or others), over the subcontracting chain used by the hosting provider, or over data that is not deleted. For 89% of the CISOs, these issues imply the use of securing tools complementary to the ones proposed by the service provider in order to secure the data stored in the Cloud.

Concerning IoT (Internet of Things), the race for innovation and the increasingly common use of connected things lead to the emergence of new cybersecurity threats, notably due to security flaws in these devices.

A cyber resilience to develop

To face these cyber risks, the CISOs deploy many technical solutions.

However, despite all these solutions, the CISOs are less confident than last year regarding the company’s capacity to face these cyber risks, and less than one out of two estimates that their company is prepared to manage a large-scale cyberattack. And yet, only 12% have implemented a real cyber resilience program; it is in process for 33%, and 34% are planning to implement one.

Three essentially human issues for the future of the cybersecurity

  • Awareness of the user

According to 61% of the interviewed CISOs, the main issue for the future of cybersecurity is the training and awareness of users regarding cybersecurity. According to the respondents, “even if the employees are aware, they are still not involved enough and do not necessarily follow the recommendations. An important education work remains.”

  • Governance of the cybersecurity

For 60% of the respondents, the governance of cybersecurity needs to be placed at the right level. Although compliance with the GDPR made companies aware of data protection issues, confidence in the ability of the executive committee to take cybersecurity issues into account remains uneven depending on the activity sector.

  • Human resources

The lack of Information system security profiles, observed by 91% of the CISOs, is a real challenge for companies, while 50% of these companies plan to increase the workforce allocated to cybersecurity.

DNS Belgium will now take offline fraudulent websites within 24 hours

In the context of the fight against insecurity on the web, DNS Belgium, the .BE registry, decided to intensify its action by cooperating with the FPS Economy [The FPS Economy, SMEs, Middle Classes and Energy is a Federal Public Service of Belgium which is responsible for contributing to the development, competitiveness and sustainability of the goods and services market in Belgium] in order to shut down fraudulent websites within 24 hours.

Philip Du Bois, general manager of DNS Belgium indicates: “This protocol will enable us to take even more targeted action, together with the FPS Economy, against possible abuses where .be domain names are involved. It underscores our ambition for a high quality and safe .be zone which serves as suitable environment for the further development of the Internet.”

The aim: to ensure that consumers can browse .BE websites in complete safety.

This procedure will ensure much greater responsiveness. Indeed, until now, FPS Economy couldn’t request a blocking from the registry on the basis of content; moreover, fraudulent websites with correct identification data (or at least data whose forgery couldn’t be proven) were untouchable. Blocking required a request from the Prosecution, i.e. a two-week procedure, which left plenty of time for the fraudulent website to cause significant damage to consumers. Several hundred such websites per year were concerned!

From December 1st, 2018, the protocol will allow the DNS Belgium registry, at the request of FPS Economy, to block .BE domain names which:

  • Are used for fraudulent websites
  • Host phishing websites

Of course, this procedure will be applied in the case of serious crimes.

The blocked domain name’s owner will have two weeks to react against the blocking. Without action on their part within 6 months, the blocked name will expire.

This still too rare initiative is to be welcomed in the context of the fierce fight against cybercrime!