Security must include domain name protection, say experts - computerweekly.com: "... the issue of domain names is typically overlooked when designing an online security strategy, said Rob Cotton, chief executive at information assurance firm NCC Group. “Making sure you’ve got the right internet domains is often dismissed by executives as simply a job for the marketing department, but we’ve got an incident here that’s affected share price – and that’s going to send tremors right up to board level,” he said. How cyber criminals use fake sites - Cotton said vigilance in this regard is becoming increasingly important as cyber criminals now have more than 1,000 new generic top-level domains to exploit, such as .shop and .london. In October 2014, security researchers uncovered a cyber espionage campaign against military, diplomatic and defence industry targets in the US, Europe and Pakistan, that included fake websites. Although the campaign mainly used phishing emails, the attackers also compromised legitimate sites in Poland to redirect targeted visitors to a fake military contractor website. The fake site was almost identical to the compromised legitimate website, designed to infect victims’ computers with information-stealing malware." (read more at link above)
see also: expVC: Cybercrime, Rogue Registrars: Is ICANN Unfit For Internet Governance?
and
https://www.icann.org/en/system/files/correspondence/cooper-to-chehade-et-al-09dec14-en.pdf
more news links below (on mobile go to web version link below)
Follow @expvccom
