Gajus - Fotolia

CIO interview: Simon McCalla, Nominet

Nominet, the registry for more than 10 million of the UK’s internet domains, is expanding into the internet of things and internet security services

Simon McCalla’s idea of fun this winter was to spend 13 hours climbing Ben Nevis in heavy fog. “The route was not hard, but keeping a cool head in difficult conditions was challenging,” he says.

Keeping a cool head is just as important for McCalla in his day job. As chief technology officer of Nominet, he is responsible for managing the infrastructure that runs the UK’s top-level web domain .uk. His role is to keep 10.5 million web domains on the UK’s internet infrastructure running with no downtime.

Nominet started life as a private company, founded without shareholders to manage the UK’s top level .uk domain in 1996.

Today, through a partnership with Minds & Machines, it registers 28 top-level domains, including .london and .cymru, and is managing domain registration for organisations including the BBC and Bentley.

Over the next three to 10 years, the rapid expansion of the internet of things will require Nominet and its counterparts in other parts of the world to register billions more internet domains that will allow industrial sensors, intelligent consumer devices and driverless cars to communicate.

Worldwide estimates suggest between 20 billion and 50 billion devices will be connected to the internet and each will require a domain name registration.

Connecting these devices to the internet will be challenging. One solution is the 3G mobile network, but it is relatively expensive.

Creative use of white space

McCalla is instead looking at ways to make better use of the unused frequencies between digital television channels, an area of the spectrum known as TV white space, with several pilot projects underway.

Nominet and startup company Love Hz have built a network of sensors that act as a flood warning system in the rivers surrounding Nominet’s Oxford headquarters. The sensors are ultra-cheap to deploy. Each the size of a coffee cup, they contain an Auduino electronics board, and an ultrasonic beacon that regularly “pings” the height of the river, recording the water level.

In another demonstration project, Nominet has wired its car park with sensors that detect which parking spaces are free. And a demonstration with London Zoo uses camera sensors in Africa in a programme to prevent Rhino poaching.

Nominet has been given the go-ahead from Ofcom to run a database registry that will allocate television white space frequencies to connected devices as and when they need it. This will maximise the use of available frequencies.

Read more CIO interviews

  • Jim Downing, CTO at digital fashion plugin Metail, believes selling fashion online is still difficult for retailers despite shifts towards omni-channel.
  • Linklaters CIO Matt Peers is taking the firm through a complete digital transformation and making some big changes.

A trial in the Scottish Isle of Arran has shown that TV white space, against all expectations, is able to transmit enough data to provide a reasonable broadband service.

The technology is one potential way of providing broadband connections to rural areas – the last remaining 5% of the population – shunned by BT and other internet service providers.

“There was a remote croft on the Isle of Arran. BT was not prepared to run fibre out. They had a pathetic dial-up connection, so we built a mast with a TV ariel,” says McCalla. “They now get 10Mbs for £30 a month.”

Nominet’s collaborator in the project, Broadway Partners, is looking at the potential to use the technology in blackspots in London, where it is difficult to gain broadband access. Transmitters, for example, could be used to provide a broadband connection from one building to another.

Tackling the bad guys

The data that Nominet collects from domain name queries is a more immediate source of growth. The registry receives two to five billion queries a year, which, if analysed, can identify cyber attacks that often go undetected by other cyber security tools.

Nominet has developed a technology, called Turing, that can sift through the traffic, to spot the difference between good traffic, such as regular emails and web lookups, and bad traffic, including denial of service attacks, botnets and poorly configured DNS technology.

“We look to our technology to unpeel that, and work with law enforcement to bring justice to those who are misusing DNS for criminal gain,” says McCalla.

Nominet has seen a noticeable growth in amplification attacks. In this form of attack, hackers send spoof lookup requests to DNS servers, and redirect the responses back to the victim. They are able to amplify the attack and turn it into a major denial of service attack.

“We look to our technology to work with law enforcement and bring justice to those who are misusing DNS for criminal gain”

Simon McCalla, Nominet

Nominet’s security team were instrumental in tracking down the gang behind CryptoLocker. The malware, one of several similarly named programs, encrypted its victims’ data and demanded a ransom to release it. Many companies paid up, netting criminals an estimated $3m.

Nominet was able to help law enforcement agencies decode the patterns of command and control used by the perpetrators. The criminals were creating new websites every 20 minutes, and McCalla and his team were able to predict where the malware would appear next.

“We were able to track back in time and find the criminal gang behind it. They guy was indicted,” he says.

Exposing the Cutwail botnet

Nominet also played a role in exposing the Cutwail botnet, used by cyber criminals to distribute spam and malware. Using Turing, the team were able to spot suspicious patterns in DNS traffic to identify the botnet.

In a live demonstration to show the power of the tool, McCalla was able to identify a huge spike in mail server (MX) queries which had taken place at 4am one night. The graphs showed that someone was making 15,000 email queries a second for what turned out to be non-existent email addresses.

“It’s a botnet, in the middle of the night, trying the validity of email addresses for spam. Now we know it’s there, we can see if it is happening elsewhere,” he says.

Nominet is making the tool available to internet service providers in the UK and elsewhere to allow them to monitor their own traffic. One mobile phone company in South America, for example, has used Turing to identify customers who were downloading software to gain free access to mobile hotspots.

“It had a huge financial impact on the company. We were able to identify the customers that were doing that and take steps to remediate the problem,” says McCalla.

Protecting Nominet’s own infrastructure

Nominet also has its own infrastructure to protect. The company owns 250 commodity HP and Dell servers, based in two datacentres in the UK and a backup centre in Geneva. There are another 20 Nominet server nodes around the world, housed by third parties.

The service has substantial redundancy built in. McCalla calculates that only 5% of its IT capacity is in use at any one time. His main concern is the risk of denial of service attacks against the UK’s infrastructure.

The largest attack that has affected Nominet so far was the denial of service attack against Lloyds Bank in January 2016. “We handled it just fine, though denial of service is a growing threat,” he says.

A robust and diverse infrastructure

Nominet’s infrastructure is robust. It uses diverse software, diverse routing and diverse technology suppliers. Every DNS node has duplicate sets of software, written by different suppliers.

“We do everything we can to make sure zero days can’t be exploited. If one piece of infrastructure fails, becomes overwhelmed or has a bug, we switch over to a backup,” he says. “We do that every day, automatically, and we fire-drill between our datacentres and our domain name server software.”

McCalla sees Nominet’s future as a registry business. Autonomous cars, drone regulation and the extension of dynamic spectrum management beyond TV white space represent big opportunities.

The specifications for the next generation of mobile technology, 5G, are still under discussion.

The Ministry of Defence owns half of the wireless spectrum in the UK, and it is possible that it may wish to raise funds by making it commercially available. Dynamic spectrum management could allow the space to be used more effectively.

“There is no reason why you couldn’t use that technology for 5G and create more space for mobile data,” says McCalla.

From physics to IT, and back again

Simon McCalla planned to move into science after graduating in physics from Exeter in 1992.

“I realised that the world did not need many scientists, so I applied my logical skills to IT and stuck with it,” he says.

He spent 10 years working as an IT contractor, specialising in retail technology, which proved to be a valuable training ground.

“Retail runs on low margins. You have to build IT quickly, quite cheaply or often on a shoestring. It teaches you how to get just enough to serve the business, and not more.”

He went to work for Warner Brothers, developing retail replenishment systems for the studio’s DVD sales, and then to The White Company, a multichannel retailer that sells through a call centre, retail stores and the web.

“I put in new IT systems, new point of sales systems, web sites and an enterprise resource planning system,” he says.

McCalla became director of IT at Nominet in September 2009, and became chief technology officer three years later.

His responsibilities are to manage research and development, commercialise new products, and liaise with government and international technical committees.

McCalla has found his physics training back in vogue, informing the organisation’s work on the radio-frequency spectrum. “It has come full circle,” he says.

Outside of work, McCalla is an enthusiastic mountain climber, and sits on the British Mountaineering Council, the national body for climbers, hill walkers and mountaineers, as a non-executive board member.

Read more on Internet infrastructure

Data Center
Data Management