News & Insights

Never Neglect Your Network Security

15 February 2022

 

 

The security of your domain name should always be the first line of your cybersecurity defense. In the past year, there have been some major network failures caused by human error, including the tampering of domain name configurations. Domain names play a critical role in the online world, and a misconfigured domain name, whether caused by a malicious attack or human negligence, can cripple a company's services and thus damage its reputation. For example, in the past U.S. presidential election, a candidate's campaign website was maliciously directed to a fake website or propaganda site that could have been used by unscrupulous individuals.

 

According to a SecurityScorecard and CSC survey of 2,000 companies worldwide by Forbes, 81% of corporate domains are at higher risk of Domain Name Server (DNS) hijacking because most of these domains do not employ basic domain name security measures, such as domain lock.

 

What is DNS hijacking? In short, when a domain name is hijacked, an attacker can modify your DNS records, direct traffic to a fake website IP set by the attacker himself, and then steal the customer's login and password through the fake website.

 

In this Internet era, website is said to be the most important contact point between customers and businesses. If a business domain name is hijacked, the business will not only be responsible for leaking the public's personal information, but also tarnish the reliable image that the business has built up over the years. The loss of goodwill cannot be estimated in monetary terms alone, and it is hard to imagine how much time and effort it will take to regain the trust of customers. Even there is no data breach, an attacker can simply remove your domain name from the web or resell it to someone else, which is certainly an irreparable loss to your business.

 

Apart from external attacks, another common security threat is human error. In order to maintain the day-to-day operations of a website, businesses often assign certain employees to act as webmasters and maintain domain name configurations. Such employees can change the DNS records of the entire enterprise with their privileged credentials. If this employee accidentally makes a mistake or abuses his access rights with some nefarious intent, the entire website could be easily brought down, resulting in serious disruption to the business's operations. From a corporate security and risk management perspective, such delegation of administrative rights adds to the security exposure of the company. Therefore, an effective domain lock is essential for any security conscious business.

However, not every domain name registrar offers domain lock service, and domain lock agreements are usually only offered by enterprise level registrars. Hong Kong Domain Name Registration (HKDNR)'s .hk LOCK is a domain lock service that prevents individuals from modifying domain name data without authorization and using the domain name for illegal purposes. No matter how good your website's internal security is, domain name changes are often overlooked. When two-factor authentication (2FA) has become commonplace in everyday life, how can one accept that the hard-earned domain name can be changed at will or without dual authorization? To ensure the security of your valuable assets, .hk LOCK provides protection beyond two-factor authentication. Even if a fraudster steals your login information and one-time password, .hk LOCK will still send a notification to the designated authorizer for verification and confirmation before the unlocking process, ensuring that each operation is duly approved by the authorizer. This helps to protect against potential external or internal risks as well as other forms of security threats (e.g., password theft, unauthorized change of email addresses and IP addresses, etc.)

 

Domain lock is not a domain name protection service required only by large corporations. No domain name is immune to malicious alterations or attacks. If you are interested in the .hk LOCK service, please visit the following website https://www.hkirc.hk/zh-hant/our_services/cybersecurity_services/hk_lock/  for more information.

 

References:

  1. https://www.darkreading.com/risk/us-election-related-websites-vulnerable-to-fraud-abuse 
  2. https://www.helpnetsecurity.com/2021/12/20/domain-registrar-choice/ 
  3. https://s3.us-east-2.amazonaws.com/imarc-securityscorecard.com/prod/images/CSC_SSC_White-Paper_v9.pdf