Three hackers indicted for hijacking domain name.
An indictment against three hackers involved in hijacking the Comcast.net domain name last year shows how easy it is to pull it off: just get access to the administrative contact’s email address.
The U.S. government has charged three hackers with doing just that, and using the email address to change the nameservers on Comcast.net at domain name registrar Network Solutions.
Blame the hackers, but also Comcast for not having security measures in place with their registrar. Moniker, Fabulous, and GoDaddy each have optional security tools available that make it harder to make changes to DNS.
If I were a registrar, I’d offer a gold standard security measure to big companies for critical domains. It would be expensive — something like $10,000 a year — but would guarantee that incidents like this don’t happen.
In order to make any change to the DNS or ownership of a domain, a representative of the registrar would literally fly to the headquarters of the company to meet in person. Over the top? I don’t think so. If I were the CTO of a Fortune 500 company, I’d gladly pay this amount as an insurance policy.