Avoiding common domain name risks | 5G Networks
The need to protect business assets from online threats is obvious to many businesses, but sometimes one of the most important assets can get overlooked, and that’s the domain name portfolio.
Significant damage can occur if suddenly your business becomes unreachable online. This can cause reputational damage and, at worst, a business that relies on trading online can literally cease to exist.
We’ve outlined some of the ways this can happen, and what you need to do to avoid it.
Your renewal notice gets overlooked or forgotten
Once your domain name is registered, you often don’t think about it again until the renewal comes due; often many years later.
Overlooking the renewal therefore becomes one of the most common errors, and some of the best known names on the internet have suffered the consequences. For example, a local search directory style mobile app, Foursquare, became a global online brand. It allowed its registration of foursquare.com lapse accidentally in 2010 due to a ‘billing glitch” with their registrar.
More recently two banks in the UK were locked out of their online accounts because they forgot to renew the domain name for the group’s name server that directed web requests to the correct destinations.
Even Microsoft has forgotten to renew a domain, with hotmail.co.uk lapsing in 2003, allowing an unscrupulous purchaser to re-register it and attempt to sell it back to Microsoft at a profit. They only noticed this when an online newspaper contacted them to ask why the domain was owned by a different person.
No longer needing a domain name isn’t necessarily a good enough reason to let it lapse either, as Heinz found out in 2015. They had used fundorado.com for a competition in 2013 and 2014 that involved scanning a QR code on ketchup bottles. After the competition ended they didn’t think they needed the domain any more, only to find that a porn site quickly moved into their previously family friendly site. A Heinz customer wasted no time in sharing the mishap all over social media.
Hijacking of domain names
Another risk for domain name holders is the intentional hijacking of domains which can be performed by unscrupulous operators easily obtaining domain details through registrars.
With the aid of a phishing attack directed at the legitimate owner, these hijackers can take full control of your online presence. This is made easy because in many cases registrars will not conceal the email address of the domain owner when a query to whois.com is performed.
It can also happen when domain registrars do not have the requisite security practices needed for corporate domain portfolio management.
With some registrars you can purchase a ‘security lock’ that restricts registration detail changes to a single user with multi-factor authentication in place.
It’s advised that you should only use registrars that provide this service and make sure it’s active on your account.
According to recent Domain Name Security report published by CSC, only 17% of Forbes Global 2000 companies have adopted registry security locks, thereby putting themselves at greater risk of hijacking.
And if they have to instigate legal proceedings, for instance if the hijacker has transfered the domain to a registrar in another county, it can take a long time and generate a lot of expense.
An increase in hijacking
International not-for-profit organisation, the Spamhaus Project, says spamming, cyber threats and domain hacking are all on the rise.
Australian Cyber Security Centre (ACSC) alerted Australian businesses to a global Domain Name System infrastructure attack campaign in 2018. The government organisation publishes many useful guides including one covering the essential eight mitigtaion strategies to protect your systems.
If you’re the victim of a full domain hijacking, and your website users are very obviously redirected to another site, you’re more likely to easily detect and remediate that. But what about when an attacker directs only selected requests to another site? You may never know this is happening.
This happened to a Japanese cryptocurrency site, Coincheck. Hackers gained access to the registration details for the domain, logged in and changed the nameserver to their own. This enabled them to let most of the traffic proceed to coincheck.com, but re-route some of the traffic to their lookalike website, where they obtained login information from unsuspecting Coincheck customers.
So what is the solution?
The simplest way to mitigate your exposure to these risks is to ensure your business has robust protection for your entire domain portfolio. And the easiest way to get that robust protection is by using a specialist corporate domain management service.
5G Networks delivers Domain Portfolio Solutions, provided by our expert team of Australian-based domain specialists. Get in touch to find out more, or download our whitepaper on domain name portfolio protection.
Originally published at https://5gnetworks.com.au on February 3, 2020.