SLOW ADOPTION OF DNSSEC PUTS LEADING E-COMMERCE COMPANIES AT RISK

None of the 100 Leading E-Commerce Companies Have Taken Basic Steps Toward DNS Security

DENVER – February 5, 2013 – The biggest brands in e-commerce are overlooking a critical security technology that could reduce the risk of identify theft and credit card fraud, according to an analysis by DNS security company Secure64 Software Corporation. An analysis of the 100 largest e-commerce companies in the United States conducted by the technical team at Secure64 reveals that:

  • None of the 100 largest e-commerce sites have fully implemented Domain Name System Security Extensions (DNSSEC)
  • None of these 100 largest e-commerce sites are showing evidence that they are in a trial deployment of DNSSEC.
The DNS is the phone book of the internet, translating names that people can remember into numbers that computer networks require in order to communicate. DNSSEC is a set of security protocols that fix fundamental vulnerabilities in the DNS. With DNSSEC, internet users know for sure that their web and email communications reach the server that they intended, and are not hijacked by an attacker to steal personal or confidential information. DNSSEC is also a basic mechanism to ensure that SSL and VPN are truly trustworthy. Without the enhanced security that DNSSEC provides, communications between applications and organizations via SSL and VPN may be susceptible to eavesdropping, tampering and other threats.
“Secure64 has conducted a series of analyses to measure progress in making DNS more secure, and this study of the e-commerce industry may be the most surprising and disturbing given how central Domain Name Server (DNS) infrastructure is to the entire business model of leading e-commerce sites,” said Joe Gersch, Chief Operating Officer at Secure64. “Secure DNS infrastructure is of great importance to the other industries we have analyzed, but DNS security is even more critical to e-commerce sites because all of their transactions are dependent on that infrastructure. These companies should not waste any more time in addressing this urgent security issue. Their businesses depend on it.”
Secure64 has been conducting this series of DNSSEC analysis as a follow-up to a 2010 study by Forrester Research titled, “DNSSEC Ready for Prime Time,” which reported on organizations’ plans to implement Domain Name System Security Extensions (DNSSEC) security protocols. There has been near-unanimous international support for adoption of DNSSEC, including directives and announcements by the White House, the FCC, the telecommunications industry and others acknowledging the importance of this issue.
For the results of Secure64’s analyses of DNSSEC progress in other industries, visit www.secure64.com/press_releases.

About Secure64 Software Corporation

Secure64 is a software developer with the most secure DNS products available. Secure64’s patented technology provides mission-critical security and reliability, built-in protection from DDoS attacks, high throughput and low latency. It has been shown to be immune to compromise from rootkits and malware and resistant to denial of service and other network attacks. The company offers a suite of trusted and secure DNS software appliances for caching, signing, blacklisting, management, and authoritative use. They also host a testbed for detection of IP Route Hijacking. Secure64’s products are sold and serviced worldwide through Hewlett-Packard and their reseller network and directly by Secure64. For more information, visit https://secure64.com.