Trouble Abroad

FairWinds Partners —  December 5, 2012

It can be a scary world out there in cyberspace, even for big companies with ample resources. Just ask the likes of Google, Yahoo!, Microsoft and others, who recently saw their domain names ending in .RO, the Romanian ccTLD, hacked. The attack, which hijacked the DNS records of the domain names and pointed them to a server in the Netherlands, came less than a week after Eboz, a little-known hacker group out of Turkey, attacked these and other companies’ .PK (Pakistan) domain names in mid-November.

In other words, November wasn’t a great month for ccTLD domain names in terms of security. In addition to the .RO and .PK hacks, Network World reported that .EU gained popularity among hackers and cybercriminals as a target for attacks and other malicious activities in November as well.

Registering domain names in ccTLDs has long been a bit of a gamble for corporations. On one hand, maintaining a digital presence in key country spaces is important, but on the other hand, certain ccTLDs have a history of being vulnerable to cyber attacks, hacks, malware and other threats. Of course, some ccTLDs, like .UK, .JP and .DE are run more securely and pose much less of a risk (as we discussed in an earlier blog post), but many ccTLDs are not run in a very stable and secure manner, and therefore are vulnerable to attacks or other kinds of disruptions, causing sites to go down.

So what does all of this have to do with new gTLDs? This blog is, after all, called gTLD Strategy, not ccTLD Strategy. Well, for many brand owners, one of the perks of applying for one or more new gTLDs was the ability to potentially move away from risky, insecure ccTLDs, and instead move their international sites under their own gTLDs. So as opposed to Google.ro or Yahoo.pk, companies may opt to use Romania.Google or PK.Yahoo, which they will have much more control over in terms of security.

There is a slight obstacle: in Specification 5 of the sample Registry Agreement provided in the New gTLD Applicant Guidebook, gTLD operators are required to initially reserve two-character labels as well as country and territory names. The good news is, gTLD owners can go through an administrative procedure to release these names in order to use them once their gTLDs are up and running.

This requirement should not derail brand owners who applied for new gTLDs from working to launch their new gTLDs soon – the bottom line here is that new gTLDs offer brand owners a great opportunity to move away from the potentially vulnerable world of ccTLDs while still offering geographically specific and unique content to their consumers around the world.