An often overlooked computer security issue is protecting your firm’s (and your clients’) domain name. Your firm’s domain name is your address on the internet, and has likely become extremely important to your firm’s day to day operations. For example, it helps direct email intended for you to your email server, and web traffic to your web server. The loss of your domain name would no doubt severely impact your business and its communication. Thus, it is important to understand the risks associated with domain registrations, and techniques that can be used to mitigate those risks.
- Domain Name Expiration
- Outdated Whois Information
- Unauthorized or Unintentional Transfers
- DNS Hacking
- Trademark Infringement
|Domain Name Expiration|
As we discussed above, an organization does not actually own a domain name rather they obtain the right to use it for a period of time. If an organization is not diligent in their renewal process, they may unintentionally let their domain expire. Once a domain has expired, it goes back into the pool for registration by the general public. The natural consequence of letting your domain name expire is that another organization may register it. Once another organization registers the domain, it is extremely difficult to get back. In order to get it back, you would probably be willing to pay some amount of cash. In fact, that is how some people earn a living, by quickly registering expired domain names and holding them “ransom.”To mitigate the risk of domain name expiration, here are some techniques.
A related issue regarding expiring domains is “best efforts” domain registration. I will use a real world example of something that happened to me a few months ago. Our firm is working on a new product and we wanted a new domain name. I registered osapps.net and osapps.org however osapps.com was taken. As I was waiting patiently for osapps.com to expire, I received an email from a company I had never done business with offering to register osapps.com. That is funny I thought to myself, how would they know I want osapps.com? Out of curiosity, I went to their website, and it clearly indicated they would register osapps.com for me, for the price of $200. (Most registrars charge approximately $35 per year). Even though $200 was high, I really wanted the domain. Prior to submitting my credit card information however, I researched this company’s name on Google. As I quickly learned, it was a scam. I went back to the website and more carefully read their terms of service. For $200 they promise to try to get the domain name, but if they fail, they keep the fee. As it turns out, I waited until the domain eventually expired, and I was able to register the domain and now I have it.
|Outdated Whois Information|
Many Registrars send email notifications about the domain name from time to time, especially when a domain is about to expire. However, in order to actually receive those notices, your “whois” record must be kept current and up to date. (The whois record is simply documentation about the current Registrant.) In addition, if you have lost the login information to your Registrar’s website, the Registrar will often require you to prove that you are in fact the Registrant (as documented in the whois). If a third party has registered your domain name for you, it is important to make sure your firm is the Registrant. One of our clients had their former IT Consultant register their domain name for them. When my client fired the former IT Consultant, he would not release the domain name claiming that it was his domain name. An inspection of the Registrant of record (whois) indicated it was in fact registered to the former IT Consultant. Thus, my client was unable to get the domain name back and was forced to register a new domain name and update all website and email information.If you want to see the whois information for any domain, simply go to one of many websites that perform whois lookups and enter the domain name. There are many sites that provide whois lookups, some examples are netsol.com, ajaxwhois.com and easywhois.com. Techniques to ensure your whois record is current:
|Unauthorized or Unintentional Transfers|
Another risk is unauthorized or unintentional transfers. Risks associated with transfers include losing control over the domain entirely. In essence, anyone can initiate a transfer request. For example, I could initiate a transfer request of your domain name right now. If the transfer succeeded, I would have complete control over your domain. Whether or not the transfer would succeed depends on several factors. If you are the type of person that ignores emails from your Registrar, dismissing them as unimportant, the chances of my transfer request being approved is increased. In addition, if you are not really sure about how domain name registration works, and you receive an email from your Registrar and assume that you should approve the email since it is coming from your trusted Registrar, then the chances of my transfer request greatly increases.Techniques:
Another related issue is the tactics used by some questionable Registrars. They will send paper letters to domain Registrants prior to the domain’s expiration date. They will then indicate in their letter that if you wish to renew with them, simply sign and return the letter with payment. This actually authorizes them to transfer the domain from your current Registrar to them. Many “fall” for this because they don’t even know who their current Registrar is. Be careful of these tactics.
The term “DNS Hacking” refers to unauthorized modifications to your domain settings. This type of hacking can result in bad things happening, including loss of internet services (website and email).As an example of DNS Hacking, I will use something that happened to my domain a few years ago. The short story is this: an unauthorized person hacked into the domain name registrar that registered clickconsulting.com for me. What their hack did was essentially route all internet traffic destined for my webserver to the user’s local computer. This essentially pulled my website offline for a short time until I could restore the settings. I immediately transferred my domain to a more reputable Registrar than the “low cost” registrar I had used.Here are techniques for reducing the risk of DNS Hacks:
In addition to the risks discussed above regarding your firm’s current domain name, there are issues regarding domain names you do not currently use. There are several “generic top level domains,” examples of which are .com, .net and .org. There are also country coded top level domains, like .uk and .au. Let’s say you are Disney, and you have a US trademark on the word “Disney”, and you register the domain names disney.com, disney.net, and disney.org. As many companies do, Disney neglects to consider the country coded domains, and therefore does not register them. Now, someone in Australia registers disney.com.au. In this instance, Disney wants to protect their brand and trademark and so they would try to acquire disney.com.au from the current Registrant.To avoid this type of issue, consider registering your trademark names as domain names with the various top level domains.