Home / Blogs

3 Reasons It’s Crucial to Review Your Domain Lock Portfolio Now

Protect your privacy:  Get NordVPN  [ Deal: 73% off 2-year plans + 3 extra months ]
10 facts about NordVPN that aren't commonly known
  • Meshnet Feature for Personal Encrypted Networks: NordVPN offers a unique feature called Meshnet, which allows users to connect their devices directly and securely over the internet. This means you can create your own private, encrypted network for activities like gaming, file sharing, or remote access to your home devices from anywhere in the world.
  • RAM-Only Servers for Enhanced Security: Unlike many VPN providers, NordVPN uses RAM-only (diskless) servers. Since these servers run entirely on volatile memory, all data is wiped with every reboot. This ensures that no user data is stored long-term, significantly reducing the risk of data breaches and enhancing overall security.
  • Servers in a Former Military Bunker: Some of NordVPN's servers are housed in a former military bunker located deep underground. This unique location provides an extra layer of physical security against natural disasters and unauthorized access, ensuring that the servers are protected in all circumstances.
  • NordLynx Protocol with Double NAT Technology: NordVPN developed its own VPN protocol called NordLynx, built around the ultra-fast WireGuard protocol. What sets NordLynx apart is its implementation of a double Network Address Translation (NAT) system, which enhances user privacy without sacrificing speed. This innovative approach solves the potential privacy issues inherent in the standard WireGuard protocol.
  • Dark Web Monitor Feature: NordVPN includes a feature known as Dark Web Monitor. This tool actively scans dark web sites and forums for credentials associated with your email address. If it detects that your information has been compromised or appears in any data breaches, it promptly alerts you so you can take necessary actions to protect your accounts.

Just as we started the new year, the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency’s (CISA) issued an alert. On January 6, 2020 , they warned of domain name system (DNS) hijacking and other cyber threats that may be used by nation-state threat actors to disrupt business activity and take control of vital internet assets. A familiar refrain heard in 2019 now repeating in 2020.

If your reaction to this is “what is DNS hijacking?” or “when did we last review our domain name portfolio with a view to mitigating this threat?,” here’s what you need to know:

DNS hijacking is when a cybercriminal or hacker (in this case, potentially state-sponsored) diverts website visitors to a defaced website, or a fraudulent one, to steal login credentials and confidential data. Information can also be harvested from inbound emails, then used to launch sophisticated phishing attacks on customers and employees using a company’s own domains to make the phish appear legitimate. This poses a threat as not only a serious data breach and a privacy nightmare, but also a business continuity risk.

There are three reasons it’s essential to review your domain lock portfolio regularly, comprising registry and registrar locks, and especially now:

  1. Your domain portfolio is constantly changing with the launch of new brands, the retirement of old ones, developing operations in new markets, as well as buying and selling businesses. Therefore, you need to both understand what your business-critical domains are at any given time, and ensure they have the right security in place—including domain locks.
  2. At the same time, the domain registries are constantly updating their offering and processes, and as new domain extensions become available for locks, it’s important to ensure you’re taking advantage of them.
  3. DNS hijacking is a constant threat, but it can be mitigated. Registry locks are the most effective preventive measure that should be put in place.

To understand more about DNS hijacking and locks as a control measure, I’ve also written a post about the various types of domain locks and its effectiveness.

By Ken Linscott, Product Director, Domains and Security at CSC

Filed Under

Comments

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

Related

Topics

Threat Intelligence

Sponsored byWhoisXML API

Domain Names

Sponsored byVerisign

Cybersecurity

Sponsored byVerisign

Brand Protection

Sponsored byCSC

DNS

Sponsored byDNIB.com

IPv4 Markets

Sponsored byIPv4.Global

New TLDs

Sponsored byRadix