Hacked ICANN Not Master Of Its Own Domain

You know the security threatscape is getting weirder when the organization in charge of domain names gets some of its own domains hacked.That, evidently, is exactly what happened last month when domain system manager ICANN (Internet Corporation for Assigned Names and Numbers) found that several of its own domains had compromised. Visitors seeking certain domains were redirected to sites that jeered at ICANN's control of the domains.

ICANN has been pretty tight-lipped about the incident, which it claimed lasted less than half an hour, and shifted the blame to one of its registrars rather than ICANN proper.

Whatever. The point here for small and midsize businesses is the reminder of vulnerabilities even at the top of the Internet's hierarchy, structure and organization.

Move that vulnerability down a notch or two (the same way ICANN went about placing blame) and ask yourself some questions about your own domain names:

Who's the registrar you (or your service provider) deals with? What's their security history and what sort of security guarantees do they offer?

What sort of liability do they face if your domain gets hijacked on their watch? What's their policy for making good on any expenses (including legal etc.) you may suffer if a hijacked domain causes you or your customers problems and losses?

How much of the above do you have in writing?

Become, in other words, master of your own domain names. As much, that is, as is possible.