Domain Name Security in the Face of Syrian Cyber-Threats
If you haven’t been following the drama unfold as Syria starts taking steps to cripple the websites of major U.S. and International news and social outlets, here’s a quick primer:
Last week the Syrian Electronic Army (SEA) launched a phishing campaign which hooked a reseller of Melbourne IT (an Australian domain name registrar). From their efforts they were able to obtain username and password information to an account used by that reseller, which gave them access to the Domain Name System (DNS) records of Melbourne IT’s clients, which they then altered, bringing down websites such as The New York Times, Huffington Post, and Twitter for as long as 20 hours.
So what can we do about this? After all people are people, there are bound to be some momentary slip-ups in judgment, especially on Monday morning before we’ve all had our coffee. Unfortunately for The New York Times, the Huffington Post, and Twitter, they all learned exactly what they can do the hard way; hopefully we can save you some of those pains right now.
Domain Account Security: What’s Available and what’s Reasonable?
As you are no doubt aware, 101domain.com’s primary directive is security (and really awesome service and pricing of course). Everything we do, from back end processes such as automated registry connections, to front end interaction such as customer service, is first analyzed from a security position. How is this change, or this process, going to affect the security of 101domain.com and ultimately the security of our customers? Domain security is very important and large scale attacks are very real and growing exponentially as internet use and reliance continues to skyrocket. 101domain.com consistently goes through great pains to ensure every nook and cranny of our website and our interactions remain as secure, private, and safe as is humanly and electronically possible. As part of our dedication to security, we have developed and are offering many tools which enable our customer base to scale their security measures to keep a balance between inconvenience, expediency, and security. How can we do that and still be confident our customers are as secure as they can possibly be? I’m glad you asked!
The security feature everyone’s been talking about…
Registry Lock Service
Registry Lock allows 101domain.com to offer server-level protection for your domain names. It gives us a secure authentication process, to set registry status codes on selected domain names to prevent malicious or inadvertent modifications, deletions, and transfers. Essentially it’s like giving your domains nuclear launch codes. Unless one of our designated representatives calls in to the registry to personally confirm and authorize changes, no changes can be made at the registry level!
Registry Lock is the step that many brands, companies, and personal registrants are now taking in the aftermath of the SEA’s attacks. Short of moving into a vault in Fort Knox and operating off a series of progressively more complex secret handshakes, this is about as secure as it gets. Requiring a designated 101domain.com representative to physically call in to the registry to authorize any changes eliminates most of the threats presented by hacking and phishing.
Standard with every 101domain.com account are 3 very useful security features:
IP Account Lock
IP Account Lock allows you to specify up to 3 static IP addresses that may access your account. IP Account Lock works at the account level to let you determine which computers or computer networks are able to access your account.
IP Access Logger
The IP Access Logger does exactly what you would imagine it does; it logs the IPs of computers that have accessed your account.
Review and monitor your Account logs for suspicious activity. If you notice an unfamiliar IP Address or abnormal activity, change your password immediately to protect yourself.
Often referred to as REGISTRAR-LOCK, the Domain Locking service sets your domain name registered with us to LOCKED status to prevent your domain name from being updated or transferred without you first unlocking your domain from within your account. Your domain can still be renewed and will be included in the zone.
These 3 are included with every account, you don’t have to do anything extra to get them, and these are just what you see. Behind the scenes we have many layers of security working tirelessly to keep your online properties safe and sound.
In addition to these 3 services, we offer additional layers of protection:
101domain.com VIP Security Card
The 101domain.com VIP credential is a credit card size security device that offers second-level security authentication to access your account. Hackers and would-be thieves can often guess or discover your user name or password, leading to a compromised account. With 101domain.com’s VIP credential, only you have access to the physical device that generates the additional security code required to validate your identity.
Our Portfolio Secure™ security service freezes your account from all unauthorized critical changes. No one is able to make changes to your account or your domains without answering the proper security questions.
If you have any questions, concerns, or comments, please do not hesitate to reach out to your 101domain.com Security Specialists. We are always here to help!