sb-nz logo
Story image

Domain Name Commission & CERT NZ to share information about .nz cyber threats

14 Jun 2018

CERT NZ and the Domain Name Commission (DNC) are vowing to protect all .nz domain names from cybersecurity threats.

The two agencies have agreed to share certain domain registration information so that they can ‘enhance’ cybersecurity in New Zealand.

“We’re pleased to announce that we have signed a Memorandum of Understanding with CERT NZ, who will use their access to international cyber threat and vulnerability information together with withheld domain name registration information to alert domain owners in the .nz space to cybersecurity issues,” comments Domain Name Commissioner Brent Carey.

The Memorandum of Understanding will allow CERT NZ to access withheld domain name registration information from the DNC in situations where cybersecurity threats have been identified.

CERT NZ must provide reasons for accessing the data, and the DNC can suspend CERT NZ’s access if it believes that access has affected security and stability of the .nz domain.

The DNC will also share regular transparency reporting, including high-level information on the withheld data accesses by CERT NZ.

“Both parties acknowledge that there will be occasions when access to the Withheld Data is needed in a timely manner to prevent possible security issues and harm… The parties will work together as much as possible to resolve any such security issues,” the Memorandum of Understanding says.

According to Carey, the DNC and InternetNZ are stewards of the .nz domain space. He says they are conscious of the role they play to keep New Zealanders and their domains safe.

Currently individuals that own .nz domains are able to use the Individual Registrant Privacy Option to hide certain contact details from .nz query searches and domain lookup services such as WHOIS.

“Where individuals have validly chosen our privacy option, it’s paramount we protect their privacy. Security of our domain name space critical infrastructure is equally as important. Putting this agreement in place means that we can protect that privacy while also giving CERT NZ access to some information that they need to help keep New Zealand safe,” says Carey.

CERT NZ director Rop Pope adds that the Memorandum of Understanding and access to privileged information is about keeping Kiwis safe online.

“When we’re alerted to issues that may affect New Zealand domain owners, this agreement means we can access the right information at the right time.”

Pope adds that cybersecurity must be a team sport.

“When we’re alerted to issues that may affect New Zealand domain owners, this agreement means we can access the right information at the right time,” he concludes.

Story image
Holistic web protection market to reach $3.63bn by 2025
Retail, banking and technology sectors are driving the global holistic web protection market, according to new findings from Frost and Sullivan. More
Story image
Online gaming a 'hotbed' for DDoS attacks — report
The latency and availability issues present in online gaming, in particular, presented an attractive target to attackers, in addition to the enduring popularity of gaming in the era of COVID-19.More
Story image
Sophos Rapid Response puts out the ransomware fire
“Attackers are using a range of techniques and whichever defence has a weakness is how they get in. When one technique fails they move on to the next, until they find a weak spot."More
Story image
Check Point exposes Android malware vendor using dark net to rebrand products
Check Point security researchers have exposed an Android malware vendor using a marketer on the dark net to rebrand its products, with the intention of supercharging business and throwing off security vendors. More
Story image
Hornetsecurity acquires Altaro, the latest in acquisition spree
The move is a culmination of a medley of acquisitions made by Hornetsecurity recently, following the January 2019 acquisition of Spamina, a Spanish cloud email security company, as well as EveryCloud, its British market partner, in early 2020.More
Story image
Cybersecurity spending to increase following SolarWinds hacking
Hackers breached software provider SolarWinds, directly infecting the company’s Orion software as well as several local, state and federal agencies.More