A big congratulations is in order for the Department of Internal Affairs (DIA) and their nomination in the 2016 iSANZ Information Security awards. The nomination came as a result of the extra level of security deployed on the DNS (Domain Name System) for all New Zealand’s govt.nz domain names, which DIA manage. We were fortunate enough to help them build this important extension. Let us explain what was involved.
When you visit a web page or send an email, your computer issues a request to a DNS name server to translate the website or email address’ domain name into the IP address for the relevant web or email server. This happens for every site on the internet, and may seem straightforward, until you add the increasing complexity of technology advancements, the malicious intents of clever technical people and the volume of sensitive information stored on govt.nz sites.
Online security is a growing issue. During a Cyber Security Conference in Wellington last month, Andrea Hancox, Government and Member Relations Director at the Technology Industry Association (NZTech) said that cybercrime is increasingly being identified as a top threat to New Zealand, as criminals, rogue nations and others in the dark net seek to strike and disrupt at any moment. In other words, simple DNS requests are increasingly at risk of hacker attacks.
In response to this growing threat, DIA partnered with Modica Group to develop an enhanced security solution, the DNSSEC (Domain Name System Security Extensions). DNSSEC confirms that the IP address returned by the name server is authentic and has not been tampered with. This was rolled out across all govt.nz domain names in February 2016, and has been running successfully ever since. That’s good news for DIA and even better news for the millions of New Zealanders who have regular interactations with govt.nz sites.
After winning last year’s Best Security Awareness Campaign category, it’s no surprise that the DIA is once again in the running for an award. The DIA’s implementation has been applauded by the Domain Name Commission Ltd. (DNCL). Barry Brailey, Manager of Security Policy says that by securing .govt.nz with DNSSEC, DIA is demonstrating its commitment to New Zealanders’ online security and helping to improve how New Zealand is viewed from a cyber security perspective.
Jay Daley, Chief Executive of domain name operator, NZRS, thinks so too. “We hope this is a trigger for internet service providers who are yet to support DNSSEC, to add that support soon so that all Internet users can benefit from the added security and show government that the entire Internet industry is behind cyber security initiatives.”
Online security isn’t the only way we work with DIA. In 2015, Modica Group designed a secure two-way text service using the SPAM (7726) shortcode and mobile website to collect information about spam texts. Since making it easier for people to report, the DIA has seen a 500% increase in complaints lodged, resulting in a increasingly safer mobile messaging space in New Zealand. If you’d like to find out more about how we can help you with mobile or security please get in touch.