By Ken Linscott,
product director, Domains and Security Share this post
Just as we started the new year, the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency’s (CISA) issued an alert. On January 6, 2020 , they warned of domain name system (DNS) hijacking and other cyber threats that may be used by nation-state threat actors to disrupt business activity and take control of vital internet assets. A familiar refrain heard in 2019 now repeating in 2020.
If your reaction to this is “what is DNS hijacking?” or “when did we last review our domain name portfolio with a view to mitigating this threat?,” here’s what you need to know:
DNS hijacking is when a cyber criminal or hacker (in this case, potentially state-sponsored) diverts website visitors to a defaced website, or a fraudulent one, to steal login credentials and confidential data. Information can also be harvested from inbound emails, then used to launch sophisticated phishing attacks on customers and employees using a company’s own domains to make the phish appear legitimate. This poses a threat as not only a serious data breach, and a privacy nightmare, but also a business continuity risk.
There are three reasons it’s essential to review your domain lock portfolio regularly, comprising registry and registrar locks, and especially now:
- Your domain portfolio is constantly changing with the launch of new brands, the retirement of old ones, developing operations in new markets, as well as buying and selling businesses. Therefore, you need to both understand what your business-critical domains are at any given time, and ensure they have the right security in place—including domain locks.
- At the same time, the domain registries are constantly updating their offering and processes, and as new domain extensions become available for locks, it’s important to ensure you’re taking advantage of them.
- DNS hijacking is a constant threat, but it can be mitigated. Registry locks are the most effective preventive measure that should be put in place.
To understand more about DNS hijacking and locks as a control measure, read our blog post about the various types of domain locks.