This article looks at the importance of Registry Lock with the growing number of DNS Hijacking attacks.
With DNS attacks up 34% according to the last IDC annual report it is more important than ever to ensure that every measure to protect your business from DNS Hijacking, and similar attacks, is taken.
According to the report, the targets of the most recent attacks were corporate, telecommunication, government, and other infrastructure entities — the main aim seemed to be a direct effort to redirect emails and website traffic to collect sensitive information.
What is DNS hijacking?
DNS hijacking, also named DNS redirection, is a type of DNS attack in which DNS queries are incorrectly resolved in order to unexpectedly redirect users to malicious sites. To perform the attack, cybercriminals either install malware on user computers, take over routers, or intercept or hack DNS communication.
DNS hijacking can be used for pharming (in this context, attackers typically display unwanted ads to generate revenue) or for phishing (displaying fake versions of sites users access and stealing data or credentials).
Many Internet Service Providers (ISPs) also use a type of DNS hijacking, to take over a user’s DNS requests, collect statistics and return ads when users access an unknown domain. Some governments use DNS hijacking for censorship, redirecting users to government-authorized sites.
According to research from IDC and efficient IP:
“Two-in-five (40%) organizations suffered cloud outages and one-third (33%) of respondents were victims of data theft. One-in-five (22%) businesses had lost business due to DNS attacks.”
What is Registry Lock?
A registry lock provides the highest level of protection for a domain name that their DNS will not change withoutb the owner’s consent. If any changes need to be made to a registry locked domain name, including modifying DNS records, changing ownership or registrar transfers, a stringent verification process takes place involving;
- The Registrar checking your security passphrase
- The registry checking our internal security passphrase
- This three-way check between the domain registrant (you), the registrar, and the registry to ensure that no unauthorized changes can be made on your domain name.
There are two main types of registry locks:
- auLOCKDOWN – which covers all .AU domain names for a period of 2 years
- Verisign Registry Lock – which cover the .com and .net domains for a period of 1 year.
With a registry lock in place, nothing on a domain name’s registration can be changed without registry approval by the registrant.
Most of the major TLDs provide a similar product, including many of the main ccTLDs, such as Singapore, UK, China to name a few.
Summary:
- DNS Hijacking and attacks are on the rise.
- It is important that you protect your DNS from this growing rate of malicious attacks.
- Registry lock is one of the measures available to prevent DNS hijacking from occurring.
About brandsec
Brandsec is a corporate domain name management and brand protection company that looks after many of Australia, New Zealand and Asia’s top publicly listed brands. We provide monitoring and enforcement services, DNS, SSL Management, domain name brokerage and dispute management and brand security consultation services.