Story image

Domain Name Commission & CERT NZ to share information about .nz cyber threats

14 Jun 18

CERT NZ and the Domain Name Commission (DNC) are vowing to protect all .nz domain names from cybersecurity threats.

The two agencies have agreed to share certain domain registration information so that they can ‘enhance’ cybersecurity in New Zealand.

“We’re pleased to announce that we have signed a Memorandum of Understanding with CERT NZ, who will use their access to international cyber threat and vulnerability information together with withheld domain name registration information to alert domain owners in the .nz space to cybersecurity issues,” comments Domain Name Commissioner Brent Carey.

The Memorandum of Understanding will allow CERT NZ to access withheld domain name registration information from the DNC in situations where cybersecurity threats have been identified.

CERT NZ must provide reasons for accessing the data, and the DNC can suspend CERT NZ’s access if it believes that access has affected security and stability of the .nz domain.

The DNC will also share regular transparency reporting, including high-level information on the withheld data accesses by CERT NZ.

“Both parties acknowledge that there will be occasions when access to the Withheld Data is needed in a timely manner to prevent possible security issues and harm… The parties will work together as much as possible to resolve any such security issues,” the Memorandum of Understanding says.

According to Carey, the DNC and InternetNZ are stewards of the .nz domain space. He says they are conscious of the role they play to keep New Zealanders and their domains safe.

Currently individuals that own .nz domains are able to use the Individual Registrant Privacy Option to hide certain contact details from .nz query searches and domain lookup services such as WHOIS.

“Where individuals have validly chosen our privacy option, it’s paramount we protect their privacy. Security of our domain name space critical infrastructure is equally as important. Putting this agreement in place means that we can protect that privacy while also giving CERT NZ access to some information that they need to help keep New Zealand safe,” says Carey.

CERT NZ director Rop Pope adds that the Memorandum of Understanding and access to privileged information is about keeping Kiwis safe online.

“When we’re alerted to issues that may affect New Zealand domain owners, this agreement means we can access the right information at the right time.”

Pope adds that cybersecurity must be a team sport.

“When we’re alerted to issues that may affect New Zealand domain owners, this agreement means we can access the right information at the right time,” he concludes.

Human assets the key to a successful digital transformation
Y Soft's Martin de Martini says it's vital that organisations continue to train and motivate their employees.
New blockchain solution aims to keep our food ethical
OpenSC enables anyone to scan product QR codes which automatically takes them to information about where a specific product’s journey.
Cofense launches MSSP program to provide phishing defence for SMBs
SMBs are highly susceptible to phishing attacks, and often lack the resources necessary to stop advanced threats
Kiwis make waves in IoT World Cup
A New Zealand company, KotahiNet, has been named as a finalist in the IoT World Cup for its River Pollution Monitoring solution.
Can it be trusted? Huawei’s founder speaks out
Ren Zhengfei spoke candidly in a recent media roundtable about security, 5G, his daughter’s detainment, the USA, and the West’s perception of Huawei.
Office workers frustrated by poor information management systems
82% of workers believe poor information management is damaging their productivity in the workplace.
Jobs 'aplenty' for freelance writers, devs & ecommerce specialists?
Jobs tagged with the keyword ‘writing’ took the top spot as the fastest moving job in 2018.
Updated: Chch crypto-exchange Cryptopia suffers breach
Cryptopia has reportedly experienced a security breach that has taken the entire platform offline – and resulted in ‘significant losses’.