Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

How to protect your .au domain name from being hijacked like the New York Times

Techworld Australia | Aug. 29, 2013
Yesterday, the .com domain name of the New York Times’ website was maliciously hijacked to redirect visitors to websites controlled by the attackers.

Yesterday, the .com domain name of the New York Times' website was maliciously hijacked to redirect visitors to websites controlled by the attackers.

In the same incident, the hackers attempted to change the records of around a dozen separate websites, including major brands and media organisations such as Twitter and the Huffington Post.

It is these domain name records that ensure visitors who type "" end up at The New York Times website. The attackers altered these records and visitors who navigated to these domain names were unable to reach the intended websites for several hours.

An increasing threat
The problem is, this type of attack is becoming increasingly common and hackers are utilising evermore devious social engineering and phishing tactics in order to gain access to these domain name records.

Earlier this week, Google's Palestine domain name suffered a similar attack. This follows several other attacks in recent months on high profile brands such as Microsoft, Skype, Dell, Kaspersky and Yahoo! in different countries around the world.

The good news is that we developed a solution to mitigate the risk and exposure to such attacks.

Protecting your .au domain names
In response to these increasing threats, AusRegistry launched a new security measure earlier this year called .auLOCKDOWN, which allows .au domain name owners to lock their domain name records and prevent unauthorised changes.

.auLOCKDOWN combats the type of incident seen with the New York Times by adding an additional layer of authorisation at the .au registry level. Only authorised individuals who are verified are permitted to alter domain name records.

Importantly, .auLOCKDOWN also prevents mistakes from occurring, where domain names are accidentally updated. We saw the significant impact self-inflicted errors in domain name records can cause in June when access to LinkedIn was unavailable for half a day due to an error made by a service provider, rather than a malicious attack.

Act now
The lesson learnt from yesterday's incident is: Don't wait until it's too late. High profile brands are clearly the low-hanging fruit attackers are targeting and I can't overstate the importance of domain name and online security.

Your domain name is the digital asset that underpins your organisation's online identity.

Interestingly, in yesterday's incident, Twitter's domain name was locked at the registry level which helped them escape largely unscathed without interruption to their operations. Perhaps this is the reason many of the brands affected by yesterday's incident have today applied a registry lock to their domain names.

As the saying goes, an ounce of prevention is worth a pound of cure.


Sign up for Computerworld eNewsletters.