VeriSign Expands Project Titan to Strengthen Internet Infrastructure With New Security Upgrades

Market Wire, March, 2008

VeriSign, Inc. (NASDAQ: VRSN), the leading provider of Internet infrastructure for the networked world, today announced an expansion of its Project Titan initiative to include additional security upgrades aimed at strengthening its global Internet infrastructure.

When it initially unveiled Project Titan in February 2007, VeriSign announced plans to increase capacity of the .com and .net Domain Name Systems (DNS) by 10 times by 2010, and the development of new proprietary technologies and processes. Now, VeriSign is announcing the deployment of additional proprietary security upgrades and monitoring tools to identify, track and isolate malicious Internet traffic generated from cyber attacks.

"VeriSign is working to stay ahead of the constantly changing demands on its Internet infrastructure and threats to its security," said Ken Silva, chief technology officer at VeriSign. "The first stage of Project Titan was focused on the speed of the Internet and range of our infrastructure. This next stage will focus on ensuring that the level of security exceeds demands, such as new attacks coming from wireless devices, to keep the infrastructure stable and operational."

VeriSign focuses on Internet security and stability because of the critical role the Internet plays in commerce, communications and government operations. According to an International Chamber of Commerce study released this month, a survey of over 1,000 economic experts from 90 countries said that a one-day Internet blackout would mean that "businesses would suffer major losses and costly damage which would have huge and lasting effects."

In the last year, the Internet has experienced new and evermore complex forms of cyber attacks and disruptions. For example, government servers in Estonia came under fierce attack last summer, effectively crippling Web site operations there. And in February, an effort by a Pakistani telecom provider to block YouTube.com in that country effectively disrupted access for many global users to the popular site.

According to the "Internet Security Outlook Report" issued by CA Inc., social networks and Web 2.0 services and sites are increasingly becoming the targets for cyber attacks. A Trojan horse on the iPhone is the latest example of how hand-held devices are increasingly a target. The U.S. Government last week said that "real and growing" threats to computer networks and the infrastructure were the focus of the recent "Cyber Storm II" simulated cyber-security exercises involving government agencies, private companies and security experts to test response to threats.

Building on its initiative to expand and diversify the capacity of its global Internet infrastructure by 10 times by the year 2010, VeriSign announced it would expand its existing security by:

--  Implementing next-generation monitoring and response services.
    Deploying these tools, developed by VeriSign as part of the Project Titan
    security initiatives, will improve the ability to detect, isolate, and stop
    security threats to protect the .com and .net provisioning and resolution
    systems. The tools are designed to assist in warding off threats at their
    early stages before they are able to damage and compromise networks,
    platforms and devices.

--  Implementing new security and operational protocols to better manage
    traffic flow and increased protection against application-type attacks.
    Deployment of these enhancements are intended to mitigate the risk of
    service disruption from attacks that use the behavior of protocols such as
    TCP and HTTP that consume computational resources in order to overload
    critical systems.

--  Implementing new tools to track, correlate and pinpoint security and
    network related events on a global basis. The ability to identify various
    attack vectors against the .com and .net infrastructure will assist in
    enabling early elimination of threats to reduce the potential for repeated
    incidents and threat of larger scale attacks.

--  As announced during recent industry meetings, VeriSign is making
    enhancements to the root server infrastructure which will increase the
    security of DNS by authenticating the origin of DNS data and verifying its
    integrity while moving across the Internet. VeriSign will implement a DNS
    Security (DNSSEC) testbed for the root zone infrastructure to prepare for
    production systems. DNSSEC can help combat compromised data in name
    servers, which could then be used to launch damaging attacks against users,
    enterprises and the Internet core itself. As the publisher of the DNS root
    zone, VeriSign plans to launch this testbed to help enable the root zone to
    anchor a global chain of trust for TLD registry operators who implement
    DNSSEC within their TLDs and registrars who provide DNSSEC services for
    their customers.
    

In addition to managing the "A" and "J" root servers, VeriSign manages the critical infrastructure that handles registration and resolution traffic for the .com and .net top-level domains. In doing so, VeriSign processes an average peak of more than 33 billion Domain Name System (DNS) queries per day that can periodically spike to nearly double that. A DNS query occurs every time an Internet user accesses a Web site, clicks on a Web link, or sends email from their computer.