Canada’s ccTLD registry, CIRA, has made the internet a bit safer and more private this week with the launch of CIRA Canadian Shield – a free DNS firewall service that will provide online privacy and security to individuals and families across Canada.Continue reading CIRA Provides Canadians With Free DNS Firewall To Enhance Security And Privacy
Technology and internet use has changed in Canada since the COVID-19 pandemic began a survey data from the Canadian Internet Registration Authority (CIRA) has found. Widespread school closures, social distancing, and work from home has significantly shifted how Canadians are using the internet to learn, work, and stay connected with friends and family.
The findings suggest that the number of Canadians working from home has skyrocketed, and that many are experiencing slower internet speeds as video streaming and video and teleconferencing are on the rise.
“COVID-19 has changed everything. It feels like overnight the entire country had to move their work, schooling, and social calendar online,” said David Fowler, vice-president, marketing and communications, CIRA, the company that manages the .ca ccTLD.
“Over the past few weeks, the power of the internet to connect us has never been more clear, nor more important. The data shows how the country is coping with our massive shift online. There are struggles as Canadians discover that working from home isn’t without its pitfalls, but we are also seeing families and friends playing games, hosting video conference parties and connecting online like never before. As Canadians do their part to fight this virus, we hope this data helps shine a light on what folks are doing online during this very unusual time in our country’s history.”
Mobile and Home Internet Use:
- Many Canadians are reporting slower internet speeds. 38 per cent of respondents said their home internet connection is slower than before the COVID-19 pandemic and social distancing began.
- B.C. residents are more likely to say their connection is slower since the pandemic began (49 per cent).
- Nearly one in 10 Canadians have reported reaching their monthly mobile phone data cap since the pandemic began.
Working From Home:
- The number of Canadians working from home has grown seven-fold. Half of Canadians (52 per cent) currently employed say they are now working from home as a result of the COVID-19 pandemic, compared to only 7% who were working from home before it began.
- Nearly half of households (44 per cent) report having two or more people working at home due COVID-19.
- 61 per cent of respondents working from home say having no commute is by far the biggest perceived benefit of widespread working from home.
- Nearly half (45 per cent) say the biggest drawback is fewer face-to-face interactions, followed by problems ‘switching off’ (27 per cent) and lack of proper office equipment (25 per cent).
- One in four (26 per cent) working from home report having no dedicated workspace and instead have to continually move around and improvise.
Entertainment and Staying Connected with Family and Friends
- A majority of Canadians are spending more time streaming video online. 70% of respondents say they are spending more time streaming TVs and movies, while a third or more (38%) report spending ‘a lot’ more time doing so.
- 18 to 39 year olds are more likely than those 40+ to spend more time playing video games and listening to podcasts.
- Over half (61 per cent) of Canadians report spending more time connecting with friends via video or teleconference.
- The telephone tops the list of preferred ways to stay in touch with friends and family amongst those over 40 years of age. For those 18-39, the most preferred method is WhatsApp.
- Internet users in Canada are making an effort to support Canadian businesses. 6-in-10 have made an effort to support Canadian businesses and retailers instead of international ones when shopping online since the pandemic began.
- Nearly half (46 per cent) say they are shopping mostly from large chain stores for food and other items, while, about one-third (36 per cent) are shopping from both large chains and local small businesses.
- Few Canadians (12 per cent) report that they are shopping primarily from local small businesses.
- While people are more likely to say that their online shopping frequency has increased with large retailers than with local independent stores, they report that the most common way of engaging with local area small businesses is by ordering take-out or delivery (35 per cent).
The Canadian Internet Registration Authority (CIRA) has announced the opening of its annual $1million+ Community Investment Program granting initiative for 2020. Not-for-profits, charities, and researchers are invited to apply for funding that will improve the health and quality of Canadaâs internet. Applications close on 25 February.
The Community Investment Program from Canadaâs ccTLD manager focuses on internet-related projects in Canada and awards grants of up to $100,000, including one grant of up to $250,000. To ensure support for digital projects in underserved areas and communities, this yearâs granting cycle will give preference to initiatives that benefit students and rural, northern and Indigenous communities. CIRA is looking for projects in these four areas:
- Infrastructure research or projects that improve internet speed, access, and costs.
- Digital literacy tools, research, and training programs to develop digital skills.
- Cybersecurity projects or research that promote usersâ safety online.
- Community leadership initiatives including events or research that engage Canadians in domestic internet policy issues.
âSince 2014 weâve funded more than 150 internet projects from coast to coast to coast. Now weâre focusing in on some of Canadaâs hardest to reach places,â said David Fowler, vice-president, marketing and communications. âWeâre especially looking for projects that benefit students as well as people in rural, northern and Indigenous communities who for too long have faced barriers to participating in Canadaâs digital economy. We hope our Community Investment Program grants can help teach our youth the digital skills they need to be safe online, and fill the gaps in education and internet access for people in under-served areas of Canada.”
Since 2014, CIRAâs Community Investment Program grants have provided $6.7 million in funding for 151 projects across Canada. To learn more about the program, funding categories, and projects that CIRA has supported in the past, head to cira.ca/grants.
Past winners have included:
- CompuCorpsâ Indige-preneurs program provides digital literacy workshops for Indigenous women focused on building an online business.
- The Gwich’in Tribal Council and University of Alberta researchers created resources to support citizen decision-making regarding broadband deployment in the Northwest Territories.
- SimpleCell is an infrastructure project that allows residents without high-speed internet to access it from their cell phones and mobile devices within the historical Francophone region of the Port au Port Peninsula in Newfoundland.
Canadaâs ccTLD registry has published the results of their 2019 Cybersecurity Survey Report that found 71% of organisations reported experiencing at least one cyber-attack that impacted the organisation in some way, including time and resources, out of pocket expenses and paying a ransom.
âNow more than ever, Canadians need trust in the internet,â said Byron Holland, president and CEO, CIRA. âWe believe that security is the foundation of that trust which is why we have leveraged our experience safeguarding the .CA domain to help Canadian organisations protect themselves and their users.â
The report provides an overview of the Canadian cybersecurity landscape and surveyed more than 500 individuals with responsibility over IT security decisions at both private and public sector institutions across Canada to learn more about how they are coping with the increase in cyber threats.
The full report, released as part of CIRAâs Cybersecurity Awareness Month activities, also found 96% of respondents said that cybersecurity awareness training was at least somewhat effective in reducing incidents while only 22% conducted the training monthly or better.
Other key findings were:
- Only 41% of respondents have mandatory cybersecurity awareness training for all employees.
- Among those businesses that were victimised by a cyber-attack, 13% indicated the attack damaged their reputation. This perception is a sharp contrast to the findings of CIRAâs recent report: Canadians deserve a better internet, which indicated that only 19% of Canadians would continue to do business with an organisation if their personal data were exposed in a cyber-attack.
- 43% of respondents were unaware of the mandatory breach requirements of PIPEDA.
- Of those businesses that were subject to a data breach, only 58% reported it to a regulatory body; 48% to their customers; 40% to their management and 21% to their board of directors.
- 43% of respondents who said they didnât employ dedicated cybersecurity resource cited lack of resources as the reason. This is up from 11% last year.
âWhile technical solutions are important, the best layer of security for any organisation are cyber-aware employees,â said Jacques Latour, chief security officer, CIRA. âWe are happy to see more organisations embracing cybersecurity awareness training as a critical element of their defence. However, there is more work to be done to ensure the quality and rigor of the training offered keeps pace with the ever-changing world of cybersecurity.â
The full report is available to download from: https://cira.ca/resources/cybersecurity/report/2019-cira-cybersecurity-survey
CIRA is sending in the law enforcement, the “Eh Team”, threatening Canadians who choose a .com or other top-level domain instead of their very own .ca in a humorous attempt to encourage more .ca domain name registrations.
It’s the Canadian ccTLD registry’s first ever broadcast campaign, called “Don’t Be A Traitor”, and is hoping a little fun will help educate Canadians as to the value of .ca domain names for Canadian businesses.
”Even today, it is estimated that more than 50 per cent of Canadian businesses still don’t have a website,” said Byron Holland, president and CEO of CIRA. “These businesses are missing out on economic advantages that the web offers, and if they don’t have a .CA domain, they are missing out on potential customers as well. Our goal with this campaign is to break through the noise with some over-the-top humour, and demonstrate the value of a .CA domain for Canadian businesses.”
CIRA’s .CA Domain Squad is dogged in their efforts to help Canadian business make the right choice to attract more customers to their businesses with a .CA domain name. Their methods are at times extreme, but it’s only because they care.
CIRA explains the .CA Domain Squad is comprised of:
- The Sergeant: He’s not just a “by the book” type, he wrote the book.
- The Rookie: What he lacks in experience he makes up for in knee-high socks.
- The Loose Cannon: Rumour has it she once bought a poorly made juicer from a .com website. She has never been the same since.
- The Vet: He retires in two days. Hopefully we can wrap this up by then.
“.CA domain names help Canadian businesses attract more customers, enhance their brand, and they help support Canada’s internet,” said David Fowler, vice president, marketing and communications at CIRA. “Our goal with this campaign is to promote the value of .CA to support Canadian businesses. Using anything else is almost criminal.”
The commercial will air over broadcast television in the Greater Toronto Area from 23 September until 17 November. It will also be featured on streaming services and in cinemas in the Greater Toronto Area.
An integrated social media, search and content campaign featuring the .CA Domain Squad will accompany the commercial.
An EBERO provider is temporarily activated if a generic Top-Level Domain (gTLD) operator is at risk of failing to sustain critical registry functions. Ensuring the availability of these functions protects registrants, also known as domain name holders, and provides an additional layer of protection to the Domain Name System (DNS), and industry ecosystem.
“CNNIC, CIRA, and Nominet all have the experience, staff, and systems required to execute an efficient transition should an EBERO event occur,” said Cyrus Namazi, Senior Vice President of ICANN‘s Global Domains Division. “Their geographic diversity is also a benefit, enabling nearly continuous coverage across multiple time zones, and the ability to provide services in multiple regions in case of local disasters.”
âWe are honoured to be among this select group of trusted registry operators. In a short time period, the CIRA Registry Platform and DNS have been recognized as among the most advanced and robust platforms for managing a top-level domain,” said Dave Chiswell, vice president, product development, CIRA. “When we transitioned .CA to our new platform we incurred only eight hours of downtime. Our technology and know-how enable us to migrate a registry quickly and will be essential should our services ever be required in an emergency.â
EBEROs have demonstrated years of experience in operating domain name services, registration data directory services and extensible provisioning protocol services. Additional requirements for the EBERO service are noted in the Request for Proposal published here.
Click here for more information about the EBERO Program.
ICANN‘s mission is to help ensure a stable, secure, and unified global Internet. To reach another person on the Internet, you need to type an address â a name or a number â into your computer or other device. That address must be unique so computers know where to find each other. ICANN helps coordinate and support these unique identifiers across the world. ICANN was formed in 1998 as a not-for-profit public-benefit corporation with a community of participants from all over the world.
This ICANN announcement was sourced from: https://www.icann.org/news/announcement-2019-08-26-en. It also includes an additional quote from CIRA’s Dave Chiswell.
The importance of keeping ones domain name secure is something that many organisations and people take for granted. With .ca domain names in mind, but also being applicable to all domain name registrants, the Canadian ccTLD manager CIRA has provided a handy Ultimate Domain Name Security Checklist.
CIRA note âit can be easy to forget just how many applications rely on the DNS to function, and how critical domain names are to the entire internet ecosystem.â
âIf you manage a .CA domain name, or any other domain name, it is critical to understand just how central they are to both the functioning of your business and the security of your systems. No matter how small your business is or how insignificant some of your domains may be, if they become compromised they can cause headaches that spread throughout your ecosystem. Even old, unused domains can be used by hackers to infiltrate or embarrass your organization.â
The guide has a checklist of the following records domain name registrants should keep and actions they should take:
- Where is your domain name registered? Take note of the registrar name and their website.
- Is two-factor authentication enabled? If not, do it.
- Who is the DNS provider? Is it the registrar default, a third-party provider?
- Does the DNS provider have two-factor authentication? If they do, enable it. If not, consider finding one that does.
- Is the Internal Master DNS service not available for queries? This means the DNS is unable to answer requests over any port except to the external/secondary DNS provider.
- Is the Internal Master DNS service running latest software? If not, find out why.
- Do you have a secondary DNS provider? A backup DNS helps protect against DDoS attacks, if your domain name is mission critical you should have one.
- Does your secondary DNS provider have two-factor authentication enabled?
- Does your secondary DNS provider have Transaction Signatures (TSIG) enabled?
- What is the TTL (time to live) for your zone file?
- Does your domain require an Extended Validation (EV) SSL certificate? Is it enabled?
- What is the renewal date for your SSL certificate?
- Who is the registrant contact on your domain? Is their contact information up to date?
- Who is the technical contact on your domain? Is their contact information up to date?
- Who is the administrative contact on your domain? Is their contact information up to date?
- Have you whitelisted the emails coming from your registrar and registry so you can get critical security and technical updates?
- Do you know who has administrative access to your domain registrar? Make a list and keep it updated.
- What is the renewal date of your domain? Do you have auto-renew enabled?
- Have you reviewed the policy rules of your registrar and registry?
- Have you audited your DNS zone records?
- Do you have your primary zone file backed up, control tested and working?
- Is your domain locked at the registry?
- Do you have your domain name registration records on file? Backed up?
- Do you have your domain name billing records on file?
- Do you have any trademark and/or public documents associating you with the domain name on file? Backed up?
- Do you have any legal document relevant to your domain name on file? Backed up?
The original version of the checklist on CIRAâs website was created in HTML allowing for copy/paste directly into Github, Jira, Confluence, or wherever else workflow is managed. CIRA recommend reviewing and updating once a year.
In their post, CIRA acknowledge the âchecklist is pretty exhaustiveâsome would say itâs the ultimateâif you would like dive deeper into domain name security, we suggest you take a look at A Registrant’s Guide to Protecting Domain Name Registration Accounts from ICANN’s Security and Stability Advisory Committee (SSAC).â
âOur friends at Akamai also recently published a great guide: Protecting your domain names: Taking the first steps. It goes into detail on a few of the items in our checklist and has some great insight.â
To copy/paste the original of the checklist, go to the original version on the CIRA website here.
The Canadian Internet Registration Authority (CIRA) released a research report last week displaying Canadians’ opinions and experiences regarding the internet and fake news, privacy, cybersecurity and access. Based on a survey of over 1,200 Canadian internet users in December 2018, the report highlights areas of concern, including apprehension around the upcoming Canadian federal election. The report also indicates what Canadians want from industry, the Canadian government and citizens themselves to create a better internet in Canada.
CIRA’s report offers several recommendations to improve Canada’s internet, including enhanced investments by the Canadian government, actions around cybersecurity and privacy that Canadian businesses can take right away and opportunities for Canadian citizens to improve the internet they rely on every day.
“With the rise of misinformation online and threats to digital privacy and cybersecurity, Canadians are demanding more of government, industry and others when it comes to Canada’s internet,” says CIRA’s CEO Byron Holland. “The question that remains is how best to give Canadians what they want, while maintaining the open, interoperable internet that has become ubiquitous in the lives of most Canadians.”
The report comes out in the lead up to the upcoming
Canadian Internet Governance Forum, taking place this week in Toronto, where internet stakeholders from across the country will meet to discuss these key issues. CIRA is a sponsor, co-organiser and participant.
“There are some basic actions that can be taken today to increase Canadian privacy and security online,” says Jacques Latour, CIRA’s chief security officer. “Canadian businesses must learn and follow privacy laws and make cybersecurity a priority. Governments must invest and participate in local infrastructure such as Canadian internet exchange points to keep data local, and Canadians must learn to spot and avoid personal cyber threats such as phishing emails.”
“With a federal election around the corner, fake news is a real concern and Canadians agree,” says David Fowler, CIRA’s vice president of marketing and communications and vice-chair of MediaSmarts board of directors. “Canadians see social media companies, the government and journalists as key players to halt misinformation online. But citizens themselves have a role to play and increased investments in media literacy will help Canadians spot fake news and thereby thwart its influence.”
To read the full report visit cira.ca/betterinternet.
Some of the key facts on Canadian internet users highlighted by CIRA are:
Of Canadian internet users:
Social media and fake news
Â· 75% say they come across fake news at least sometimes
- 57% have been taken in by a fake news item.
Â· 70% are concerned that fake news could impact the outcome of the next federal election.
Â· 72% are willing to disclose some or a little personal information in exchange for a valuable/convenient service.
Â· 87% are concerned that businesses with access to customers’ personal data willingly share it with third parties without consent.
Â· 86% believe it is important that government data, including the personal information of Canadians, be stored and transmitted in Canada only.
Â· 87% are concerned about a potential cyberattack against organizations with access to their personal data.
Â· Only 19% say they would continue to do business with an organization if their personal data were exposed in a cyberattack.
Â· 78% are concerned about the potential security threats related to the Internet of Things.
Â· 69% believe the high cost of internet services, including for mobile data, is hurting Canada’s economy and prosperity.
Â· 83% believe that universal access to high-speed internet is important for Canada’s overall economic growth and prosperity.
Â· 70% agree that the Canadian government should be doing more to support public access to high-speed internet.
Â· 75% say they only know a little or hardly anything about the topic of global control and regulation of the internet.
Â· 50% are concerned that the global internet could fracture into regional blocks that adopt very different regulatory principles and policies.
- 66% support the principles of net neutrality.
CIRA announced Monday it has added 2 new ccTLD partners for its D-Zone Anycast DNS service – Singapore (.sg) and Chile (.cl), taking to 10 ccTLDs that use the service, as well as adding 2 new global nodes in Brazil and Japan – as the company best known as the manager of the Canadian ccTLD .ca continuesÂ to spread its wings.
The addition of Singapore Network Information Centre (SGNIC), the country code top level domain manager for .sg and NIC Chile, who manages .cl, adds 180,000 and 570,000 domain names under management respectively to its service.
CIRA now has 25 nodes across the globe providing a robust network that powers D-Zone Anycast DNS for their ccTLD customers which answers approximately 180 million DNS queries per day for its TLD customers to help provide greater resiliency to their networks.
The 10 ccTLDs that now use CIRAâs D-Zone Anycast DNS are .cl, .cr (Costa Rica), .dk (Denmark), .nl (Netherlands), .nu (Niue), .nz (New Zealand), .pt (Portugal), .se (Sweden), .sg and of course Canadaâs .ca. D-Zone Anycast DNS answers queries for nine percent of all global ccTLDs domain names.
DNS Anycast technology deploys identical DNS servers in different locations often in different countries. It means that when a node is taken offline, due to maintenance or for nefarious reasons, the end user doesnât notice and DNS services continue. During a cyberattack, with nodes deployed around the world one node can bear the brunt of an attack leaving others unscathed. For businesses, DNS Anycast services can be deployed to improve performance of websites and load times for web pages. With multiple nodes, the customer is closer to a node and performance improved.
âWe were looking for DNS partner with a global reputation and solid infrastructure. We found that partner in CIRA and look forward to a productive relationship,â said Queh Ser Pheng, General Manager of SGNIC.
âCIRA’s global reputation in the ccTLD community provided us with the confidence that we could trust them with our DNS. Our customers demand the highest standards of uptime and security and D-Zone Anycast DNS helps us deliver that,â said Eduardo Mercader Orta, Director of Operations, NIC Chile.
âCIRA is proud to partner with ccTLDs to provide a stable, secure, high performance DNS. Starting with DNS, our relationships have expanded to be true partnerships that include collaboration and information sharing with our ccTLD peers around the globe,â said Mark Gaudet, DNS Program Manager, CIRA.
The Canadian Internet Registration Authority (CIRA) has released its 2018 CIRA Cybersecurity Security Survey which provides an overview of the Canadian cybersecurity landscape.
For the survey, CIRA, the .ca country code top level domain (ccTLD) registry, surveyed 500 individuals with responsibility over IT security decisions at small and medium-sized businesses across Canada to learn more about how they are coping with the increase in cyber threats. The sample included both business owners and employees who manage information technology.
“A key element of building a better online Canada is ensuring Canadians have safe, secure internet access,” said Byron Holland, president & CEO, CIRA. “Through our experience in managing the .CA domain for Canadians, we hope to help lend our expertise in safeguarding Canadaâs internet so that Canadian businesses can thrive online.â
In partnership with CIRAâs technology partner, Akamai Technologies, the full report has been released to coincide with Small Business Week in Canada.
“Training and awareness are critical to ensuring your business is cyber-secure,”Â Jacques Latour, chief security officer, CIRA. “No matter how great your IT team is, anyone with a network-connected device can be the weak point that brings your business down.”
The report’s key findings are:
- 40 per cent of respondents experienced a cyberattack in the last 12 months. One in ten experienced 20 or more attacks.
- Among larger businesses with 250-499 employees, the number who experienced an attack increases to 66 per cent
- 67 per cent of respondents outsource at least part of the cybersecurity footprint to external vendors.
- While 59 per cent of respondents said they stored personal information from customers, 38 per cent said they were unfamiliar with PIPEDA.
- One-third of respondents indicated that the most significant impact of a cyberattack is the time and resources required to respond to the incident.
- 88 per cent of respondents were concerned with the prospect of future cyberattacks, which resulted in 28 per cent suggesting they would add cybersecurity staff in the next year
- Although 78 per cent were confident in their level of cyber threat preparedness, 37 per cent didn’t have anti-malware protection installed and a shocking 71 per cent did not have a formal patching policy â exposing these organizations to massive security holes
- Only 54 per cent of small businesses provide cybersecurity training for their employees even though the most common form of malware seen by our respondents, phishing attacks (42 per cent), directly exploit employees as a point of weakness
Read the full report: https://cira.ca/2018-cybersecurity-survey-report