Europe’s public institutions are prime targets for phishing, ransomware, and other cyber threats. DNS4GOV, the governmental solution of DNS4EU, provides a centralised, EU-based protective DNS service to safeguard ministries and other critical infrastructure such as hospitals, schools, and municipalities. In this interview with Mr. George Buhai, Government Liaison at Whalebone, we explore how DNS4GOV enables fast deployment, shared threat intelligence, and digital sovereignty to strengthen Europe’s public services.
Why is DNS considered a strategic control point for protecting government institutions?
Nearly every online interaction begins with a DNS query – and research shows that more than 90% of cyberattacks exploit this same channel, at very least from a command and control perspective. By monitoring DNS traffic, authorities can detect suspicious activity at an early stage, while keeping query data within EU jurisdiction ensures that sensitive metadata remains under European oversight.
How does DNS4GOV block phishing, malware, and ransomware at the DNS level?
DNS4GOV continuously updates its resolvers with curated threat intelligence feeds When a user attempts to access a malicious domain, the resolver checks the query against its blocklists. If a match is found, the query is intercepted before it can resolve to the attacker’s server.
What is the added value of DNS as a central defence and telemetry point?
While DNS-based security is lightweight and non-intrusive, making it easy to deploy across diverse institutions – from large ministries to small schools – without disrupting operations, it also covers a security gap that is commonly exploited by over 90% of malware (e.g. via command and control).
Why was DNS4GOV created and what problems does it solve for public institutions?
DNS4GOV was established to support the need for strategic autonomy at the national level. It is “individual” because each EU Member State has its own cultural context, governmental structure, and legal framework. It is “strategic” because public authorities require DNS security that is fully consistent with EU jurisdiction and regulatory standards.
How does DNS4GOV fit into the broader DNS4EU initiative and EU cybersecurity strategy?
DNS4EU is an initiative by the European Commission that aims to offer an alternative to the public DNS resolvers currently dominating the market. DNS4GOV is the public-sector component of that initiative. While DNS4EU covers the general market, DNS4GOV is tailored specifically to the needs of public administrations, critical infrastructure and all Governmental verticals including but not limited to Health, Education, Internal Affairs, etc.
As a dynamic component of national protective DNS planning, it contributes directly to the goals of the EU Cybersecurity Strategy for the Digital Decade and NIS2 Directive, by ensuring essential public services are protected against DNS-based threats.
What was the main driver behind creating DNS4GOV, and how does it differ from existing protective DNS services?
The driving force behind this entire process stems from the needs articulated by governments – voiced through national CERTs, CSIRTs, NCSCs, Cybersecurity Centres, and digitalisation agencies – to ensure a safe online environment for citizens and to foster a trust-based digital ecosystem for public institutions.
How does DNS4GOV fit into Europe’s broader push for digital sovereignty and cyber resilience?
For European entities, DNS4GOV ensures that the critical function of DNS resolution for public institutions is managed within the EU, under EU law and governance, under national and local law and governance because – and this is something that our partners find to be a crucial characteristic of this product – they can draw up their own DNS4GOV depending on their specific architecture.
What kinds of public services or sectors (healthcare, education, local administration, justice, etc.) are expected to benefit the most from DNS4GOV?
It is difficult to provide a definitive answer, as each EU Member State is structured differently and pursues distinct cybersecurity objectives. From a strategic perspective, however, institutions connected to critical infrastructure would likely benefit the most. The healthcare sector, in particular, stands out given its interconnection with numerous societal and infrastructural elements. Education would follow closely, as it generates significant traffic and involves highly sensitive data – especially concerning minors. Municipalities, with the various public services they provide, also have a huge responsibility in keeping their provisions running and secure.
How does DNS4GOV balance its role as a technical cybersecurity service with its broader public service mission?
The team behind DNS4EU and DNS4GOV is actively engaged in advisory work, as well as in the design and implementation of national protective DNS projects. The experience gained through these activities has shaped the understanding that, while functional needs may vary across countries and institutions, the overarching priority remains the security of the digital environment in which citizens and public bodies coexist. It is this shared foundation of safety and trust that ultimately enables resilience, fosters digital sovereignty, and supports the delivery of reliable public services across the EU.
What are the long-term ambitions – could DNS4GOV become a standard baseline for all EU member states’ digital infrastructures?
It was designed to be that, so definitely yes. Our ambition is to build momentum and bring DNS4GOV protection into every city hall, school, hospital, and police station. As with the most advanced use cases of Protective DNS (PDNS), the journey begins by inspiring people, raising awareness, attracting stakeholders, and establishing both credibility and a strong identity.
How can governments deploy DNS4GOV quickly (cloud/on-prem options, minimal infrastructure)?
We adhere to established best-practice guidelines, maintaining close cooperation with National Cybersecurity Centres (NCSCs) and regularly exchanging information on sector-specific activities and institutions interested in testing DNS4GOV. Deployment options are tailored to the needs of each NCSC – whether for hosting or monitoring – and can take the form of cloud-based, on-premises, or hybrid solutions. We have already carried out proofs of concept (POCs) at individual, group, and institutional-cohort levels, demonstrating our ability to adapt and accommodate a wide range of requirements.
How easy is onboarding for diverse institutions (e.g. ministries, hospitals, schools, municipalities)?
Put simply, onboarding is just as straightforward for a large ministry with thousands of employees and a complex IT architecture as it is for a small school in a remote region without a data center or dedicated cybersecurity staff. Whether the focus is on vertical sectors, individual tenants, or remote institutions, DNS4GOV is designed around the needs of its users. They can direct their traffic either to the national resolver – hosted by the National Cybersecurity Center – or to a cloud-based resolver, with DNS4GOV providing the flexibility to support all deployment options.
How does DNS4GOV integrate real-time intelligence from CERTs, NCSCs, and trusted EU partners?
By aligning national and European cybersecurity expertise, DNS4GOV maintains a dynamic, adaptive security layer that evolves in real time with the threat landscape. The result is a DNS service that not only resolves queries securely, but also embodies Europe’s collective capacity to protect its citizens and institutions from emerging digital threats.
George Buhai is a government expert and the lead for the DNS4EU initiative in the public sector context. With a focus on strengthening national cybersecurity through DNS-based protections, George works closely with European governments, regulatory bodies, and national CERTs to drive the adoption and integration of Protective DNS (PDNS) across the EU.
