The “Naked Security” blogs published by Sophos remind me how vigilant online publishers – and all organizations, really – have to be to protect their content, their data, even their names. Indeed, the word “vigilance” needs to at the top of our whiteboard every day – and never erased.
When I moved to Vancouver in 1996, I saw that almost no small-cap companies in the exploration and mining business had online presences. This was a good business opportunity. I knew my way around the Internet – coming from Stanford, you had to be – but hadn’t created websites myself. I found a couple of partners who did, and we found a bunch of clients right away.
The first order of business was registering URLs for each client. This typically involved registering four or five: client.com, client.net, clientresources.com, clientresources.net, and clientinvesting.com, for instance. We wanted to make sure that we covered the bases, so to speak. We would use the main URL and make sure that the others “pointed to” the main one.
For a couple of years, on the Internet there was the equivalent of the 19th-century American land rush. Promoters, IT whizzes, managers, communications pros, publishers, inventors, entrepreneurs – everybody, it seemed to me – were staking out their claims to URLs, in essence buying names and making them their own. Whether or not these names were used for actual websites, for some it was just as important that their competitors *didn’t* have these names.
I have a spreadsheet to make sure that I never forget to re-register the “stable” of URLs I own or manage (a few dozen). Two times I missed a deadline; I lost one URL (this still bugs me, as you can imagine) and miracle of miracles I got the other one back.
Forgetfuless is one way to lose control of your URL. Having it stolen is another. The other day Sophos blogger John E Dunn published an article called “US gov issues emergency directive after wave of domain hijacking attacks.”
The US Department of Homeland Security (DHS) has issued an emergency directive tightening DNS security after a recent wave of domain hijacking attacks targeting government websites. …
Domain hijacking has been a persistent issue in the commercial world for years, a prime example of which would be the attack that disrupted parts of Craigslist in November 2014.
In that incident, as in every successful every domain hijacking attack, the attackers took over the account used to manage the domains at the registrar, in this case, Network Solutions.
The objective is to change the records so that instead of pointing to the IP address of the correct website it sends visitors to one controlled by the attackers.
This change could have been made using impersonation to persuade the registrar to change the domain settings or by stealing the admin credentials used to manage these remotely. …
Dunn recommends that you verify your company’s IP addresses and “change passwords on all accounts used to manage domain records.” Read his entire post for a longer list of important safeguard measures.