The largest expansion on Top Level Domain Names approved

By

Will ICANN's domain name expansion affect internet security?


On the 28th of June, 2008, the board of ICANN (Internet Corporation for Assigned Names and Numbers) accepted a recommendation from its global stakeholders that it is possible to implement many new names to the Internet, essentially “paving the way for an expansion of domain name choice and opportunity" said Dr Paul Twomey, President and CEO of ICANN.

Registration of new domain names is expected to be possible starting the second quarter of 2009. Due to the trademark and copyright issues this new technology implies, the DNSO (Domain Name Supporting Organisation) Names Council recommended to the ICANN Board that it should establish a policy for the introduction of new gTLDs (generic Top Level Domains) in a “measured and responsible manner”.

As such not every TLD will be immediately available to anyone who wants to register a domain. Businesses must apply to register the TLD first, and go through a review procedure to ensure that it isn't offensive and doesn't violate anyone's intellectual property.

If approved, registering the TLD will cost anywhere between US$100,000 and US$500,000, ICANN says, and the business or organisation must prove that they are either capable of managing the TLD or can reach a deal with a company that will.

It is obvious that these rules limit the buyers of such new TLDs to large companies and governmental institutions. The organisation registering the TLD will also be responsible for determining whether it will be restricted to certain types of sites or open to the public.

Several issues arose and have been discussed during the conference. For example, will TLDs that represent countries or places need to be restricted or be available to the large public? If .arab gets registered, should it apply to a geographic region, or the culture? If someone were to register .lat for Latin America, should anyone be able to use it for commercial purposes?

Another issue is the confusion of consumers when working with new domain names. If you are on a business trip to Sydney, for example, and you want to go sightseeing. How will you find your way online? With the new gTLD scheme, should you use .travel? Or the usual .com? Or maybe .visit? And since we're in Australia, how about .sydney?

Even so, you still don't know for sure if you're in the right place. One of the solutions would be using a search engine which will yield more relevant results, at least until things cool off a bit.

An issue most people disregard is one of security. The BitDefender Team has debated whether or not this will grow into a problem in the future.

Conclusions show that there are two possible outcomes:

The first is that new TLDs could greatly enhance protection against phishing attempts by usage of domains like .bank, managed by a governing body that will carefully select and screen applications.

The second would be that gTLD names extension could be used maliciously by cyber criminals in a couple of ways:

1. Since many companies will be fighting over new TLDs in order to become registrars, prices of less popular domain names will become a commodity, with prices anticipated to get lower and lower. Spammers will find it easy to buy new domain names on which they can spread their threats.

2. Cyber criminals can extend their “workspace”. This basically means increased risk for registered trademarks, as typo-squatters will find it easier to register domains such as wwwswatch.com. (Noting the lack of a dot between “www” and “swatch.com”). The actual goal is stealing the company's website traffic for their own profit through ad-serving. This can also apply in phishing terms.

“The number of fake domains like .comm, .nnet, and so on are likely not to rise, because the process of registering new gTLDs involves extremely high costs and will be carefully monitored”, declares Bogdan Dumitru, BitDefender CTO, “however, it could still be a little more challenging for security software vendors to maintain blacklists of newly appearing domains to ensure good protection.”
Got a news tip for our journalists? Share it with us anonymously here.
Tags:

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers

Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies

Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames

Victoria's Secret pulls down website amid security incident

Victoria's Secret pulls down website amid security incident

Log In

  |  Forgot your password?