New service launched to better protect .hk websites
Human interaction makes online identity verification more secure, the city's internet domain registrar said as it launched a registry-lock service to protect .hk sites from unauthorised changes.
"We are putting back the human factor in the verification process," Internet Registration Corporation head Jonathan Shea Tat-on said yesterday.
Several high-profile cybersecurity incidents last year highlighted the risks of unauthorised access to a website's domain name server (DNS), which translates an address like "scmp.com" into its internet protocol (IP) address used to route data across the internet.
Once hackers obtain login details for a DNS, they can change a website's domain name records to direct users to another website or even alter its content.
In August, The New York Times website was hacked and defaced after its DNS register reseller fell victim to a phishing attack that gave hackers access to the newspaper's domain name records. Many media websites - including Reuters, CNN and Bloomberg - locked their DNS after the attack, but they were among the few of the world's largest sites that did so, Shea said.
The new registry-lock service, which aims to remove loopholes created by automation, requires any DNS record changes to be verified through telephone calls with the registrar staff. Only up to three people would be authorised to change the records and the server will be unlocked for only 15 minutes each time.
The .hk domain will be among 21 of 300 top-level domains that have such a service. It is available through the Domain Name Registrar, which charges each domain name HK$2,000 a year.