Domain Name Registries Must Do More to Protect Highly-Trafficked Domains

With the recent attacks against high-profile New Zealand domain names including Coca-Cola.co.nz and F-Secure.co.nz, fingers are naturally pointing to Domainz, the registrar of record for these domains, as the party responsible for this lapse in security. While domain name registrars certainly need to ensure the security and stability of their systems, domain name registries must also step up and take responsibility for mitigating risks posed by hackers.

Many of the world‰Ûªs largest registries subscribe to EPP (Extensible Provisioning Protocol) which is a flexible protocol that enables communication between domain name registrars and domain name registries for transferring, registering, renewing and managing domain names. Other registries provide proprietary methods of automated communication for the management of domain names. Hackers have now recognized that if the internal networks of domain name registrars are compromised, that these protocols can be used to easily update domains names and redirect website traffic to any site.

Some registries have recognized the risks posed to highly trafficked sites by hackers, disgruntled employees and even erroneous changes, and have implemented a new level of security which prohibits changes to specified domains; unless a manual protocol is first completed by the registrar.

Clearly the risks posed by hackers to highly-trafficked sites will only continue to grow now that these vulnerabilities have been identified. Domain name registries and domain name registrars need to work together to identify methods for improving the security of all domain names, and especially those garnering significant traffic.