Dutch banks and ISPs behind in domain security

Banks in the Netherlands are the lowest adopters of technology that prevents visitors to their websites being redirected to fraudulent addresses, according to a study from internet registry SIDN.

Banks in the Netherlands are the lowest adopters of technology that prevents visitors to their websites being redirected to fraudulent addresses, according to a study from internet registry SIDN.

Download this free guide
New technologies: a source of threat as well as a solution

Learn about fighting the ever evolving ransomware, IoT botnet malware and data manipulation attacks.

Start Download

By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.

The study of Dutch organisations’ adoption of domain name system security extensions (DNSSEC) security, a set of standards created to address vulnerabilities in domain names, found that only 6% of banks are using it. In total, 46% of .nl domains are protected by the technology.

Internet service providers (ISPs) in the Netherlands had the next lowest adoption of DNSSEC at 22%.

“Banks should be the main users of DNSSEC security, but they scored the worst of all investigated domains for the second time in a row,” said Roelof Meijer, CEO at SIDN. “With the closing of the physical bank branches and to reduce the number of ATMs, the online front door of the banks is becoming increasingly important.”

“Without DNSSEC, there’s a risk that, despite entering the right domain name, people will end up on a fake site set up to trick them,” said SIDN.

“DNSSEC also forms the basis for new applications, such as systems for making email safer and easily sharing cryptographic keys for securing internet communications.”

The study found that Dutch government organisations were the most improved when it comes to domain-protecting security. The previous study in 2014 found only 11% of government websites to be secure, but now 59% are.

Meijer said it was hard to think of any good reason not to implement DNSSEC protection. “We believe that it’s now up to the big internet service providers to act,” he said.

“It is important they get behind DNSSEC, because the protocol is only effective if ISPs commit to validating domain names’ digital signatures.”

Leave a Reply

Your email address will not be published. Required fields are marked *