Small businesses have been reminded to get their act together when it comes to domain name registration and records, following this week’s disaster in which the New York Times was taken offline due to a vulnerability associated with a Melbourne IT reseller.
The ASX-listed Melbourne IT has said one of its resellers was the victim of a “spear phising” attack, in which a hacker targeted a specific employee to gain login details. Once hackers had control of the domain, the New York Times site was taken down.
Such a high-profile hack is unusual and the Australian connection even rarer still, but experts warn this is a reminder of why small businesses must be knowledgeable of everything to do with their domain names – of face a similar hacking.
“This is certainly one of the most overlooked factors,” says AVG security advisor Michael McKinnon.
“There is some research which shows up to 40% of domain names are renewed on the day they expire, so this is often an issue because small businesses can have record keeping issues.
“A change in staff means those records are misplaced and forgotten about.”
Registering domain names is often seen as a chore, and the infrequency of purchasing means it’s often forgotten about.
But as McKinnon elaborates, domain names are a critical part of doing business – so much can go wrong business owners don’t even know about.
“On the more serious side, what can happen is that an attacker effectively changes your DNS and hosts a clone of your website, and it just sits there collecting login details, form submissions, all sorts of data.
“All of this can then be involved in identity theft targeted at small business customers.”
While there hasn’t been a high-profile attack among small businesses in Australia recently, that doesn’t mean the problem is erased – in fact, it’s becoming more popular. A recent survey by McAfee found 45% of SMEs had been targeted by attacks in the past year.
McKinnon says businesses need to start taking charge of their domain name processes – including business owners.
“We’re going to see more of this happen, you could use the term ‘low hanging fruit’ to describe the easy targets.”
“Businesses need to get their records straight and understand as much as they can about their domain name registrations to make sure they’re using a reputable provider.
“Really assess the risks, and be in control of any login accounts. They should be secured with as few people as possible.”
Melbourne IT chief executive Theo Hnarakis told The Australian the link used to gain the login details was disguised as a news story.
“This allowed the perpetrators to access email using bona fide email logins of the staff that worked for this reseller. They were able to search weblog information and see password and user information for some customers, one being The New York Times.”