SWITCH is launching a five-year programme for increased protection against cybercrime. The foundation plans to promote the introduction of established security standards among providers of .ch and .li domain names with financial incentives.
On 1 January 2022, SWITCH started a five-year programme aimed at protecting .ch and .li domain names against cyber risks. The goal: to protect 60 per cent of domain names with DNSSEC by the end of 2026. DNSSEC is a fundamental security standard recommended by security experts around the world. “Whenever I visit a website, I want to be confident that the site I am visiting is a genuine one. DNSSEC ensures that attackers are unable to redirect my request on the internet to a fake website. Threats such as password and credit card phishing, computer viruses and other forms of internet crime are often lurking on these fake websites,” explains Michael Hausding, an expert in domain fraud at SWITCH.
At the start of 2021, six per cent of .ch domain names were protected with DNSSEC. This falls well short of other European countries such as the Czech Republic or Norway, which boast figures of around 60 per cent. The Swiss Federal Office of Communications has therefore commissioned SWITCH with the task of promoting DNSSEC using financial incentives for providers of .ch domain names (registrars). In other countries, financial incentives have proven to be the most effective method of substantially promoting DNSSEC.
Together with the registrars, SWITCH has been preparing for the programme launch since the spring of last year. This is showing an effect. The first registrars have begun the process of protecting the domain names under their administration with DNSSEC and the share of .ch domain names with DNSSEC protection had grown from six per cent to 35 per cent by the end of 2021.
The financial incentives are twofold: Registrars that do not protect the domain names under their administration with DNSSEC pay an extra franc per domain name. Registrars that protect the domain names with DNSSEC stand to benefit proportionately from this extra income.
For Switzerland’s digital future to flourish, society depends on a secure and stable internet infrastructure. As cyber risks increase around the world, the involvement of SWITCH is key to the task at hand. The domain ending .ch is a critical infrastructure that SWITCH has been protecting since the dawn of the internet. With the launch of its five-year programme, SWITCH is using its expertise to make an important contribution to reducing cyber risks. The promotion of DNSSEC is crucial in the early stages of this endeavour, with further security standards to be added to the programme over time.
DNSSEC is an extension of the domain name system (DNS). DNSSEC uses cryptographic signatures to ensure that any manipulation of DNS responses does not go unnoticed, enabling data to be published securely in the DNS. Almost every transaction on the internet starts with a DNS query. This includes activities such as sending emails, instant messaging, visiting websites and online banking. DNSSEC prevents a connection from being redirected to the wrong server via fraudulent DNS responses. Numerous other DNS security standards are based on DNSSEC or benefit from manipulation security through DNSSEC.
For more information, visit https://www.nic.ch/security/dnssec/.
To find out whether a .ch domain name is protected with DNSSEC: https://www.nic.ch/whois/
To find out whether a .li domain name is protected with DNSSEC: https://www.nic.li/whois/
Statistics about .ch domain names with DNSSEC: https://www.nic.ch/statistics/dnssec/
Statistics about .li domain names with DNSSEC: https://www.nic.li/statistics/dnssec/