Lessons learnt from the Distribute.IT cyber security incident

By George Pongas

Melbourne, Australia - 28 May 2013

Last week, ABC program The Business aired an exclusive report on the Distribute.IT cyber security incident which forced the once-thriving company out of business and significantly impacted their large customer base.

For the first time since the crisis in June 2011, Carl and Alex Woerndle – the owners of the web-hosting and domain name registration company – spoke openly with the ABC about what happened during the incident and the impact it had on their business and customers.

One thing is clear from the raw and emotional interviews with Carl and Alex; cyber crime can have a devastating impact.

What we also learnt was that we as an industry need to be more accountable and better address the needs of .au domain name registrants and Australian website owners.

Today marks the opening of the CeBIT Australia conference in Sydney, the largest technology conference in the country. In recognition of the growing problem of cyber crime, the conference will for the first time host a whole day and stream dedicated to cyber security. According to CeBIT, the total global cost of cyber crime was estimated to be $110 billion in 2012.

In light of the discussions at CeBIT today, it is my firm belief that a better understanding of incidents such as Distribute.IT and sharing the lessons we learnt will help the entire industry better manage cyber security threats.

The Distribute.IT incident

As the appointed Registry operator for the .au namespace second level domains, we were deeply concerned when we received the call in June 2011 to inform us that a .au Registrar had suffered a security breach.

We learnt that after infiltrating Distribute.IT’s security systems, the unidentified hacker targeted the company’s servers and inflicted significant damage and loss of data to a point where customer’s websites were unrecoverable and Distribute.IT was unable to salvage its operations.

Within a matter of hours, losses from the incident were estimated to be tens of millions of dollars, according to the ABC.

While the hacker who attacked Distribute.IT only targeted the company, we were unaware at the time of the extent of the attack and whether .au domain names were at risk.

As such, we worked closely with Distribute.IT and the .au Domain Administration (auDA) to immediately disable their Registry connections to isolate domain name records from the Distribute.IT affected systems.

We also immediately reset all domain name passwords, assessed our server logs to determine any bulk fraudulent activity and liaised with Distribute.IT to assist with re-establishing Registry connections.

While no consolation to those affected, it was comforting to note that no .au domain names were hijacked during this incident.

What we learnt

Needless to say, the Distribute.IT cyber security incident demonstrated the devastating impact of hacking and cyber crime.

While the hosting of websites is outside of our jurisdiction, attacks on our clients (.au Registrars) and their customers (.au domain name registrants) hurts the entire industry and we felt compelled to address the issue.

There were many .au domain name registrants who were angry that such an incident occurred and we are the first to acknowledge that .au domain registrants are right to demand more of the entire industry.

Despite the blurred boundaries between domain name registration and hosting, there was a need for someone to step up and take accountability.

In response to this need for accountability, auDA and AusRegistry spent the past couple of years consulting the entire industry to gather feedback and recommendations on how we can better address security incidents such as the Distribute.IT case. Specifically, we focused on how improved security from .au domain registrations can be transferred across to hosting services too.

An end result of these consultations was the development of a world-first Registrar Information Security Standard (ISS).

Managed by auDA and expected to launch later this year, the .au Registrar ISS is a set of mandatory protocols which will help .au Registrars manage and improve the security of their businesses, as well as protect the stability and integrity of the .au namespace. The mandatory protocols in the ISS will ensure accredited .au Registrars have numerous levels of redundancy in place and adhere to industry best practice security measures to defend against attacks.

The theory behind the ISS is that these shared best practices across the industry will act as a rising tide to lift all boats – from .au domain registration right through to hosting services. In fact, Alex Woerndle from Distribute.IT contributed to the industry working group that helped to develop the ISS, offering valuable insights into its design from his experiences.

I recently spoke with Carl Woerndle and was pleased to receive the following feedback about the ISS:

“It’s good to see that auDA and AusRegistry have been able to use the malicious attack on our company to instigate industry wide improvements such as the Registrar Information Security Standard. This will add considerable safeguards across the industry,” said Mr Woerndle.

On top of the Registrar ISS, we’ve also seen the development and introduction of a number of other initiatives to improve industry-wide security. These include:

• A new Registrar authentication process.

• Increased security protocols for .au Registry web interfaces.

• Registrar contingency planning improved with lessons learned from the incident (an auDA/AusRegistry joint initiative).

• The imminent launch of a new .au domain name security product developed to enhance Registrar and Registrant security. The new product is named .auLOCKDOWN, and it locks domain names at the Registry level.

• New policies formulated by auDA that identify reseller portfolios and facilitate bulk transfers for both Registrars and Resellers. This policy will be introduced soon.

While it is unfortunate that it took the misfortune of a security incident like Distribute.IT to see these improvements ushered in, it is comforting to know that the entire industry has learned from these mistakes and is now better for it.

By George Pongas
General Manager - .au Registry Services
AusRegistry

Survey launched to benchmark .au

Melbourne, Australia – 25 February 2013: AusRegistry and the .au Domain Administration (auDA) today launched an online survey aimed at the broader Australian community, asking their opinions about the .au domain namespace.

The survey is the first of its kind in the .au namespace and is seeking 10,000 responses over three months to provide a baseline performance standard to measure against annually in future surveys.

A key element of the survey is an investigation into the domain name purchasing behaviour of Australian consumers. Anecdotal evidence suggests Australians exhibit a strong preference for .au domain names and trust it over other namespaces such as .com, .nz or .asia. The survey will also identify trends in .au domain name uptake using demographic data.

Another area of interest the survey will examine is the introduction of new generic Top-Level Domains later this year and what impact this might have on consumers and .au.

Annual surveys will benchmark .au against the data from this survey and it is hoped the results will provide reliable insights which can be used to dictate future marketing and education campaigns, and importantly help set new policy direction.

This year's survey will be hosted on both the AusRegistry and auDA websites, as well as the websites of a number of accredited .au registrars who chose to participate. The survey will also be displayed across 500 of the most popular websites in Australia with a potential exposure to 21 million unique browsers per month.

AusRegistry and auDA encourage interested participants to complete the survey.

The survey is being conducted by global market research company Effective Measure and will run until the end of May 2013. A summary of the results is expected to be released later this year.

The survey can be accessed here: www.ausregistry.com.au/survey2013

##ENDS##

Media Contact:

George Pongas
General Manager - .au Registry Services
AusRegistry Pty Ltd
Ph: +61 3 9866 3710
Fax: +61 3 9866 1970
Email: This e-mail address is being protected from spambots. You need JavaScript enabled to view it.
Web: www.ausregistry.com.au

Tom Valcanis
Marketing and Communications Officer
.au Domain Administration Ltd
Ph: +61 3 8341 4111
Email: This e-mail address is being protected from spambots. You need JavaScript enabled to view it.
Web: www.auda.org.au
Twitter: @auda

About AusRegistry

AusRegistry is located in Melbourne, Australia and is the current Registry Operator and wholesale provider for all commercial domain names including .com.au and .net.au and non-commercial domain names, .gov.au and .edu.au.

About auDA

.au Domain Administration Ltd (auDA) is an Australian non-profit company vested with the responsibility of operating the .au domain under an industry self-regulatory model, for the benefit of all stakeholders. In its role as manager of the .au domain, auDA develops and implements domain name policy and is responsible for consumer safeguards.

.com.au shines with sale of capital city domain names

By George Pongas

Melbourne, Australia - 8 March 2013

It’s not often that .com.au domain names attract the attention of the mainstream media.

Earlier this week, we saw reports from some of Australia’s leading newspapers on an unprecedented sale within the .au namespace.

In what could turn out to be Australia’s most expensive digital asset sale on record, five prominent .com.au domain names were listed for sale on www.namesell.com by Brisbane-based company Domain Guardians.

The domain names – sydney.com.au, melbourne.com.au, brisbane.com.au, adelaide.com.au and auction.com.au – have been tipped by Domain Guardians to potentially fetch somewhere in the order of $1 million as a total package.

Mike Robertson, co-founder of Domain Guardians, said the sale presents a unique business and marketing opportunity for a savvy investor.

“In July last year, the CEO of a Denver real estate company paid a seven figure amount for denver.com and plans to develop it as an online hub for Denver. Denver has a population of about 600,000, and its economy is small compared to that of Australian cities Sydney, Melbourne and Brisbane.

“Imagine the commercial potential for someone owning all four Australian capital city domain names, with a combined population of around 10 million,” Mr Robertson said.

The interest generated in the sale of the .com.au domain names is a testament to the maturation of the .au aftermarket. While still in its infancy – especially compared to .com – there are signs the monetary value of .au domain names is on the increase.

For instance, in September 2011, investmentproperty.com.au became the highest recorded domain name at auction when it was snapped up for $125,000 by New South Wales property developer Vision Homes. Similarly, hardware.com.au was purchased at auction by Woolworths in 2010 for $33,000. There are unofficial sales rumored at significantly higher values, however often domain name sales remain confidential and there are no laws that require the details published as there are for offline real estate sales.

These sales demonstrate the enormous intrinsic value .com.au domain names hold despite their retail price which starts from as low as $20.

In fact, when we commissioned Deloitte Access Economics to investigate the economic value and impact of the .au domain namespace, they found .au domain names contributed $475 million to the Australian economy and were responsible for creating more than 4300 full-time jobs.

It will be interesting to see what impact new Top-Level Domains like .sydney and .melbourne will have on these capital city domain names and the .au namespace in general. By 2014, the New South Wales and Victorian governments will be set to launch the two namespaces to provide a landmark online identity for two of Australia's most recognised cities.

We can only guess at the impact this might have on the likes of sydney.com.au, melbourne.com.au and associated generic .com.au domain names like hardware.com.au. My guess is that all three namespaces will complement each other. Innovative people will come up with ways to use the new domain name options that most would never guess today. Although, they will look obvious to our future selves…, no doubt.

Whatever might eventuate, it is clear the local domain name marketplace is certainly heating up and it will be interesting to watch this space over the next year.

By George Pongas

General Manager - .au Registry Services – at AusRegistry

Rubbing shoulders with the inventor of the World Wide Web

By George Pongas

Melbourne, Australia – 8th February 2013 - It’s not every day you get the opportunity to say “I rubbed shoulders with the bloke who invented URLs, HTTP and HTML.”

This week I had the honor of attending a sold-out lecture and exclusive Q&A panel hosted by the .au Domain Administration (auDA) in Melbourne with British computer scientist Sir Tim Berners-Lee, the Director of the World Wide Web Consortium and inventor of the World Wide Web.

Sir Tim had the audience in awe as he offered his thoughts on web innovation, cyber warfare, HTML5, the benefits of open datasets and the pitfalls of government censorship of the Internet.

I was glad to see a healthy mix of industry stakeholders, technology enthusiasts and business leaders in the audience. This reminded me that while we work in the Internet industry and have a passion for its development, hundreds of millions of people around the world are the beneficiaries of our vital work and equally share this same passion for the Internet.  

Joining Sir Tim on the auDA Q&A panel was auDA CEO Chris Disspain, journalist and broadcaster Alan Kohler, social commentator Jane Caro and Deloitte Digital’s ‘Chief Edge Officer’ Peter Williams.

For me, the highlight of the night came when Sir Tim discussed the importance of trust in domain names.

Sir Tim described how domain names and TLDs allow people to navigate the Internet and make informed decisions about the content they are navigating to. He said a domain name is like a sign post for trusted and secure content.

I absolutely agree with Sir Tim on this point. For instance, in Australia, the .au namespace is Australia’s home on the Internet because it’s a trusted, regulated and well-recognised corner of the Internet for all Australian businesses, organisations and individuals. This means that when people navigate the Internet and see the ‘nab.com.au’ domain name for instance, they can be confident that they will be directed to the official National Australia Bank website. I imagine that end users would be far less trusting in this instance of a domain name that ends in something other than .au (check out where nab.com takes you!).

This speaks volumes to the effective policy and regulation of the .au namespace, the level of awareness the namespace enjoys in the Australian market, and the willingness of businesses and end users to adopt .au as their online presence. This can in part be attributed to a high performing namespace with a commitment to security.

I would like to take this opportunity to thank auDA for hosting the Q&A panel and the University of Melbourne for hosting the lecture. I would also like to thank the team of AusRegistry staff who attended the events for their passion and contribution to advancing the Internet.

Finally, I would like to thank Tim-Berners Lee for inventing the World Wide Web, because without him I would arguably not have a job that I love so much!

By George Pongas

General Manager - .au Registry Services – at AusRegistry