Keeping cyberspace safe
- By Yin Pumin
0 Comment(s)
Print
E-mail Beijing Review, March 20, 2014
The snag, caused from a cache poisoning attack, was an unprecedented malfunction both in terms of the number of websites affected and the duration of the disruption. It left large numbers of top-level domains—including those ending in .com, .net and .org—out of commission and affected around two thirds of Chinese websites.
The DNS works as a navigator when people surf online, directing page view requests to their corresponding IP addresses.
Root name servers form the backbone of the DNS system and are responsible for returning addresses to Internet users when they visit a website. Without them, accessing the Internet would not be possible.
Hacking the DNS can trick the server into guiding requests to the wrong site. Technically, hackers can direct netizens to phishing websites. Such behavior can result in user information being compromised, said Zhao Wu, a website security expert with Beijing-based tech firm Qihoo 360 Technology Co. Ltd. He added that it is difficult to take precautions against such threats.
The January 21 incident, however, only led netizens to a blank page, and no leakage of information has been reported, according to Zhao.
Experts said that security awareness concerning DNS is weak in China and that most major domain name servers are poorly guarded.
"All the root name servers are located in the United States, Japan and European countries. A problem with them would affect all the domain name processes and websites in China," said Dong Fang, another website security expert with Qihoo 360.
CNNIC Executive Director Li Xiaodong admitted that China does not have the required conditions to set up a root name server. "The only way to improve the Internet's speed and stability is to introduce more root name server mirrors," he said.
Li called on the government to spend more on the country's DNS infrastructure and stressed that a quick-responding mechanism for emergencies is badly needed. "The country should see the DNS as a critical national strategic infrastructure because it is the foundation of the entire Internet," Li noted.
The January 21 incident has also spurred experts to reflect on whether China is ready for a possible cyber war, suggesting that the government learn from other countries' experience.
Currently, more than 50 countries have formulated strategies for Internet security and more than 40 countries have established special forces for cyber warfare.
In 2009, the United States established the United States Cyber Command for its armed forces to deal with the military's cyberspace operations. The U.S. Department of Homeland Security also has an Office of Cybersecurity and Communications that is responsible for "enhancing the security, resilience and reliability of the nation's cyber and communications infrastructure."
At a 2013 meeting attended by representatives from big global enterprises, Minister Cai said that China values other countries' experiences in developing and administering the Internet and is willing to conduct more exchanges and cooperation in combating online crime, enhancing Internet-related legislation and promoting public awareness in relevant fields.
Go to Forum >>0 Comment(s)