Home / Blogs

How to Prepare for the Day When Your Domain(s) Are Misbehaving

Chris Griffiths

For a number of years, there have been many different high profile incidents where major websites were defaced, taken offline, or crippled due to issues related to their domain registration. Last night, there was an incident where several high profile domains went offline due to issues at their registrar, and they are now coming back online after what I am sure was a few crazy hours for their operations teams and management. (Network Solutions released a statement Thursday afternoon that the attack wasn't malicious.)

Whether through social engineering hacks, defacements, or through operational errors, managing domain portfolios needs consistent management, and a well thought out plan to deal with worst case scenarios. I have spent a number of years designing for these worst case scenarios for many large domain portfolios, and I wanted to provide some high level guidance for domain owners and administrators on how to effectively prepare for such incidents.

Ensure That Your Organization Has A Well Thought Out Plan To Deal With A Domain Failure

Domain failures do happen whether from human error, hijacking, etc. Ensuring that the domain owners' organization has a plan to deal with a failure is critical, and this plan should be shared with the proper areas of the organization so everyone knows how to react when an issue comes up. I would also recommend reviewing this plan yearly at minimum in order to ensure that all people and processes are in alignment with the plan and adjust it accordingly as things can and will change over time.

Know The Right People And Organizations To Contact

When an emergency hits, making sure you have the correct contacts for escalations is key. Whether it's your registrar or your DNS provider's contacts, or your internal teams and escalation points of contact, every minute counts when there is an outage. Make sure you have an updated contact list for anyone that can assist in restoring your domain(s) and services. Also, make sure that your registrar and DNS provider has your organization's contact information and escalation list.

Do Not Use A Single Person To Manage Your Domains

This may seem like a simple concept, but having one person who controls everything can lead to a single point of failure, and open your domains up to various failures when and if that person can no longer participate in the management of the domains. Instead, use a chain of custody for your domains by utilizing several layers of people to approve and implement changes. This allows for multiple people failures (people out on vacation, sick time, etc).

Connect With People And Organizations That Can Help

There are many great people and organizations that work in the domain and DNS industry. Make sure you connect with them so that when, and if, a situation arrives, you can reach out to them for assistance, and in turn, they may just reach out to you as well. They all hold meetings throughout the year and have active email lists that you can participate in. It is a great way to get to know people and companies in the industry, and the relationships you build may come in handy at some point: ICANN, NANOG, RIPE, DNS-OARC

By Chris Griffiths, VP, Labs for Dyn

Related topics: Cyberattack, Cybersecurity, DNS, Domain Names

 
   

Don't miss a thing – get the Weekly Wrap delivered to your inbox.

Comments

To post comments, please login or create an account.

Related Blogs

Related News

Explore Topics

Dig Deeper

Mobile Internet

Sponsored by Afilias Mobile & Web Services

DNS Security

Sponsored by Afilias

Cybersecurity

Sponsored by Verisign

IP Addressing

Sponsored by Avenue4 LLC

Promoted Posts

Buying or Selling IPv4 Addresses?

ACCELR/8 is a transformative IPv4 market solution developed by industry veterans Marc Lindsey and Janine Goodman that enables organizations buying or selling blocks as small as /20s to keep pace with the evolving demands of the market by applying processes that have delivered value for many of the largest market participants. more»

Industry Updates – Sponsored Posts

Domain Registrations Reach 331.9 Million, 6.7 Million Growth Year over Year

.brands Spotlight: Banking and Finance Industries

Google Buys Business.Site Domain for 'Google My Business'

Radix Announces Global Web Design Contest, F3.space

Global Domain Name Registrations Reach 330.6 Million, 1.3 Million Growth in First Quarter of 2017

.TECH Gets Its Big Hollywood Break

Verisign Named to the Online Trust Alliance's 2017 Audit and Honor Roll

Why the Record Number of Reverse Domain Name Hijacking UDRP Filings in 2016?

Attacks Decrease by 23 Precent in 1st Quarter While Peak Attack Sizes Increase: DDoS Trends Report

UDRP: Better Late than Never - ICA Applauds WIPO for Removing Misguided 'Retroactive Bad Faith'

The Rise and Fall of the UDRP Theory of 'Retroactive Bad Faith'

.PRESS Supports Press Freedom Day for 3rd Consecutive Year

Leading Internet Associations Strengthen Cooperation

5 Afilias Top Level Domains Now Licensed for Sale in China

Radix Announces Largest New gTLD Sale with Casino.Online

2016 Year in Review: The Trending Keywords in .COM and .NET Domain Registrations

Global Domain Name Registrations Reach 329.3 Million, 2.3 Million Growth in Last Quarter of 2016

A Look at How the New .SPACE TLD Has Performed Over the Past 2 Years

Verisign Releases Q4 2016 DDoS Trends Report: 167% Increase in Average Peak Attack from 2015 to 2016

Neustar to be Acquired by Private Investment Group Led by Golden Gate Capital