Home / Blogs

3 Reasons It's Crucial to Review Your Domain Lock Portfolio Now

By Ken Linscott Product Director, Domains and Security at CSC

Just as we started the new year, the U.S. Department of Homeland Security's Cybersecurity and Infrastructure Security Agency's (CISA) issued an alert. On January 6, 2020 , they warned of domain name system (DNS) hijacking and other cyber threats that may be used by nation-state threat actors to disrupt business activity and take control of vital internet assets. A familiar refrain heard in 2019 now repeating in 2020.

If your reaction to this is "what is DNS hijacking?" or "when did we last review our domain name portfolio with a view to mitigating this threat?," here's what you need to know:

DNS hijacking is when a cybercriminal or hacker (in this case, potentially state-sponsored) diverts website visitors to a defaced website, or a fraudulent one, to steal login credentials and confidential data. Information can also be harvested from inbound emails, then used to launch sophisticated phishing attacks on customers and employees using a company's own domains to make the phish appear legitimate. This poses a threat as not only a serious data breach and a privacy nightmare, but also a business continuity risk.

There are three reasons it's essential to review your domain lock portfolio regularly, comprising registry and registrar locks, and especially now:

  1. Your domain portfolio is constantly changing with the launch of new brands, the retirement of old ones, developing operations in new markets, as well as buying and selling businesses. Therefore, you need to both understand what your business-critical domains are at any given time, and ensure they have the right security in place — including domain locks.
  2. At the same time, the domain registries are constantly updating their offering and processes, and as new domain extensions become available for locks, it's important to ensure you're taking advantage of them.
  3. DNS hijacking is a constant threat, but it can be mitigated. Registry locks are the most effective preventive measure that should be put in place.

To understand more about DNS hijacking and locks as a control measure, I've also written a post about the various types of domain locks and its effectiveness.

By Ken Linscott, Product Director, Domains and Security at CSC

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

VINTON CERF
Co-designer of the TCP/IP Protocols & the Architecture of the Internet

Comments

 Be the first to post a comment!

Add Your Comments

 To post your comments, please login or create an account.

Related

Topics

Cybercrime

Sponsored byThreat Intelligence Platform

New TLDs

Sponsored byAfilias

DNS Security

Sponsored byAfilias

Cybersecurity

Sponsored byVerisign

Brand Protection

Sponsored byAppdetex

Domain Names

Sponsored byVerisign

Whois

Sponsored byWhoisXML API

IP Addressing

Sponsored byIPv4.Global

View All Topics