Cyber security has hit the mainstream agenda and is now a hot topic of discussion amongst business leaders and policy makers.
A national survey of more than 250 major Australian businesses conducted by CERT and released in February by Attorney-General Mark Dreyfus QC found cyber attacks are becoming increasingly targeted and coordinated.
It found one in five businesses have been targeted by a malicious cyber assault in the past year. Seventeen percent reported loss of confidential or proprietary information, 16 percent encountered a denial-of-service (DDoS) attack, while 10 percent reported financial fraud.
Most staggering of all was the fact that 20 percent of organisations targeted by cyber attacks experienced more than 10 incidents in the past year.
A demonstration of the widespread impact these attacks are having on the economy was Prime Minister Julia Gillard’s announcement in January of a new Australian Cyber Security Centre to boost the country’s ability to fend off cyber attacks.
In launching the cyber security centre, the Ms Gillard said there were more than 400 cyber incidents against government systems in the 2012 financial year, while 5.4 million Australians fell victim to cyber crime with an estimated cost to the economy of $1.65 billion. Ms Gillard underlined the importance of effective cyber security by highlighting that Australians’ use of cyberspace is estimated to be worth $50 billion to the national economy.
These worrying statistics will have alarm bells ringing in the ears of CIOs in every major organisation across Australia. Clearly, big corporates are the low-hanging fruit cyber attackers want to target.
We’ve already seen examples from around the world of the devastating impact an attack can have on a business.
For instance, a high profile security incident last year in Ireland led to the unauthorised access of Google’s and Yahoo’s domain names. In this case, the nameserver delegation information was maliciously changed to redirect all visitors from the google.ie and yahoo.ie websites to other fraudulent websites, significantly disrupting business operations and damaging the brands’ reputation.
You can imagine the impact this had on the Irish economy and business sector.
It is for these reasons that I’m proud AusRegistry has got on the front foot and launched a new security measure to provide an added level of protection against cyber attacks and website hijacking for Australia’s 2.7 million .au domain names.
Called .auLOCKDOWN, the new registry level security protocol will allow .au domain name owners to lock their domain’s nameserver delegations and prevent changes other than by pre-authorised registrars with authenticated access keys.
While a rare occurrence, cyber attackers can attempt to hijack websites by infiltrating registrar servers or by fraudulently posing as an authorised employee. While registrars already have measures in place to counter this type of threat, examples such as the Google and Yahoo incidents demonstrate that another level of protection is warranted for high profile targets.
.auLOCKDOWN combats this type of attack by adding an additional layer of authorisation at the registry level that protects domain names in the unlikely event of a registrar security incident or website hack that leads to unauthorised access to confidential data and systems. It also stops mistakes from occurring within an organisation, where domain names are accidentally updated by employees. This last point is perhaps the most frequent and likely incident to occur. Although innocent in origin, the impact can be just as significant and damaging as those with a malicious origin.
.auLOCKDOWN provides the added level of protection that I know many CIOs for the largest companies in Australia are looking for. It’s about creating redundancy to deliver multiple layers of protection.
How .auLOCKDOWN works
The namesever details of a .au domain name locked through .auLOCKDOWN will only be accessible to authorised individuals through the following strict protocols:
- Registrants must first contact their accredited .au registrar and request a change.
- Following this initial contact, the Registrar will begin a strictly controlled authentication process between the registry and registrar. This protocol has been purposefully designed to involve manual processes and human-to-human contact.
- Only the Registrar’s authorised contact(s) can lock, unlock, and relock a domain name with .auLOCKDOWN and these contacts will be verified by the registry at each request.
- After successfully completing the authentication process, the .auLOCKDOWN is temporarily removed from the domain, the required updates are made, and then the domain is re-locked with .auLOCKDOWN.
.auLOCKDOWN is only available to .au domain name owners through their .au accredited registrar. A list of all .au accredited registrars can be found here.