How to protect your .au domain name from being hijacked like the New York Times

Yesterday, the .com domain name of the New York Times’ website was maliciously hijacked to redirect visitors to websites controlled by the attackers.

Yesterday, the .com domain name of the New York Times’ website was maliciously hijacked to redirect visitors to websites controlled by the attackers.

In the same incident, the hackers attempted to change the records of around a dozen separate websites, including major brands and media organisations such as Twitter and the Huffington Post.

It is these domain name records that ensure visitors who type “nyt.com” end up at The New York Times website. The attackers altered these records and visitors who navigated to these domain names were unable to reach the intended websites for several hours.

An increasing threat

The problem is, this type of attack is becoming increasingly common and hackers are utilising evermore devious social engineering and phishing tactics in order to gain access to these domain name records.

Earlier this week, Google's Palestine domain name google.ps suffered a similar attack. This follows several other attacks in recent months on high profile brands such as Microsoft, Skype, Dell, Kaspersky and Yahoo! in different countries around the world.

The good news is that we developed a solution to mitigate the risk and exposure to such attacks.

Protecting your .au domain names

In response to these increasing threats, AusRegistry launched a new security measure earlier this year called .auLOCKDOWN, which allows .au domain name owners to lock their domain name records and prevent unauthorised changes.

.auLOCKDOWN combats the type of incident seen with the New York Times by adding an additional layer of authorisation at the .au registry level. Only authorised individuals who are verified are permitted to alter domain name records.

Importantly, .auLOCKDOWN also prevents mistakes from occurring, where domain names are accidentally updated. We saw the significant impact self-inflicted errors in domain name records can cause in June when access to LinkedIn was unavailable for half a day due to an error made by a service provider, rather than a malicious attack.

Act now

The lesson learnt from yesterday’s incident is: Don’t wait until it’s too late. High profile brands are clearly the low-hanging fruit attackers are targeting and I can’t overstate the importance of domain name and online security.

Your domain name is the digital asset that underpins your organisation’s online identity.

Interestingly, in yesterday’s incident, Twitter’s domain name was locked at the registry level which helped them escape largely unscathed without interruption to their operations. Perhaps this is the reason many of the brands affected by yesterday’s incident have today applied a registry lock to their domain names.

As the saying goes, an ounce of prevention is worth a pound of cure.

Please contact your .au domain name Registrar for more information about .auLOCKDOWN. A list of all .au accredited Registrars can be found here.

George Pongas is General Manager - Registry Services, Australian Division at AusRegistry, the current registry operator and wholesale provider for all commercial domain names including .com.au and .net.au and non-commercial domain names, .gov.au and .edu.au.


Join the newsletter!

Error: Please check your email address.

Tags security

More about DellGoogleKasperskyMicrosoftSkypeYahoo

Show Comments
[]