Gimme Shelter: With Hackers Hitting Domain Providers, Brands May Rely Heavily on New gTLDs

FairWinds Partners —  August 28, 2013

Most of us are pretty familiar with the concept of a hacker attacking a website – and, in fact, downloadable tools to help hackers break into a site and steal information are readily available.  But what happens when a top-level domain registry is hacked, as appears to have been the case for Google’s Palestinian domain earlier this week?

From what TechCrunch reported as of Monday morning, “…it seems that Google’s Palestinian domain was hijacked and redirected to another server altogether. How that was done, exactly, is unclear. One current theory is that Google’s top-level domain provider for the region was compromised, allowing hackers to point the domain somewhere else.”

Tuesday The Washington Post’s tech blog, The Switch, posted Google’s response: “Some users visiting google.ps have been getting redirected to a different website; Google services for the google.ps domain were not hacked. We’re in contact with the organization responsible for managing this domain name so we can help resolve the problem.”

So how do companies like Google ensure that they have a back-up in case of malicious attacks on the domain registry in a particular region or country?

Phil Lodico, Managing Partner at FairWinds, explained that “some ccTLDs present a greater risk for being hacked than others. For example, when the root servers for a ccTLD are located at an institution without top-tier security, perhaps a university, for example, the likelihood that the server will be compromised is higher.”

Lodico went on to explain that new top level domains, specifically .BRANDs, not only present an infinite number of opportunities for their owners and customers, but also offer a new level of security for brand owners and their customers. “By running a .BRAND – or moving from BRAND.country to country.BRAND (after making the appropriate arrangements per the New gTLD Applicant Guidebook) – companies can build their sites on a more robust infrastructure and ultimately a more secure platform.”

Because Google applied for and is likely to win .GOOGLE, the Internet giant could (and we would guess is likely to) redirect or relocate  geographic or regional content related to a country within the .GOOGLE space – and avoid redirects like the one experienced by google.ps earlier this week.

Google.PS