Although there is no requirement that all countries must adopt DNSSEC, Crain says that the experience from registries that have adopted will allow other registries and those responsible for the root zone to better understand the implications of root signing.

The fifth annual survey of DNS on the public Internet released in November last year and conducted jointly by The Measurement Factory and Inflobox found the situation both frightening and hopeful.

"Of particular interest is the enormous growth in the number of Internet-connected name servers, largely attributable to the introduction by carriers of customer premises equipment (CPE) with embedded DNS functionality," said Cricket Liu, vice president of architecture at Infoblox. "This equipment represents a significant risk to the rest of the Internet, as without proper access controls, it facilitates enormous DDoS [distributed denial of service] attacks."

Although no African country has been the subject of a DDoS attack, increased investment in Internet infrastructure and affordability of bandwidth to end users is likely to raise a new breed of Internet criminals.

"DNSSEC adoption does not mean other security risks will be solves, end users will have to be careful of typo errors, passwords; more end user security awareness is still needed," concluded Mwangi.