Police could have prevented hack

DBS would have warned them

For eighteen months, an ethical hacker received information intended for the Dutch police by claiming previously cancelled domain names. The hacker said that the police could have prevented the data falling into unauthorised hands by using SIDN's Domain Name Surveillance Service (DBS). And what about you? Are you making the same mistake?

The security incident happened after the police cancelled a large number of domain names as part of a reorganisation. Some were picked up by ethical hacker Wouter Slotboom. When he started getting mail meant for the police, he told them what was happening, but got no reply. So Wouter took his story to the media. He highlighted the fact that the police could have prevented the information leaking out by using DBS. The police are by no means alone in failing to guard against problems. Earlier research by SIDN revealed that many domain names incorporating the Netherlands' top fifty brand names had been registered by people other than the brand owners. No fewer than 675 phishing sites with domain names that echoed leading brands were detected.

What's DBS for?

SIDN's Domain Name Surveillance Service protects brands on line by looking out for registrations that look like brand names. In the .nl zone, there are 1,786 domain names that include the Dutch word for 'police'. About 1,500 of them aren't registered to a police force. If the police had used DBS, they would have been warned whenever anyone registered a suspicious domain name, enabling them to intervene in appropriate cases.

How does DBS work?

DBS has three components:

  • The profiler scans the websites linked to flagged-up domain names and labels them as phishing sites, normal sites or advertising sites.

  • Whois information enables the brand owner to contact the registrants of suspicious domain names.

  • DBS's supporting workflow environment enables users to coordinate response action with colleagues.

What are the benefits?

  • A clear picture of the domain names in existence that incorporate or resemble your brand name

  • Information about who has registered the domain names in question

  • Alerts whenever suspicious new domain names are registered

  • A proper overview of the domain names landscape for your organisation

For more information about DBS, contact:Pim Pastoors, Product Manager+31 26 352 55 00 pim.pastoors@sidn.nl

Comments

Pim-Pastoors

Pim Pastoors

Productmanager

+31 6 570 454 07

pim.pastoors@sidn.nl

  • Tuesday 29 January 2019

    About SIDN

    Health care innovation: digital support tools for better decision-making

    Thumb-doctor-discusses-with-patient

    Winq helps patients and care providers make treatment decisions together

    Read more
  • Wednesday 29 May 2019

    Internet security

    Website security in large organisations: oversight is vital

    Thumb-protected-access

    Big organisations with fragmented domain name portfolios are at risk

    Read more
  • Thursday 7 November 2019

    Internet security

    Privacy statements are a breeze with Privacy Label

    Thumb-privacy-on-digital-background

    SIDN Fund supports development of reader-friendly privacy statements

    Read more

Sorry

Your browser is too old to optimally experience this website. Upgrade your browser to improve your experience.