The expert from the USA: the lack of security online helps the hackers to steal personal data

The scope of cyber incidents and theft online continues growing each year due to the lack of security habits online and insufficient use of security technologies, notes expert Patrick Jones from the Internet Corporation for Assigned Names and Numbers (ICANN).

According to the US expert, who visited Kaunas University of Technology, users often willingly disclose their login data and passwords without realising that they are visiting websites falsified by criminals, whose domain names differ from a very similar trademark by one letter. When analysing the stories of hackers' victims, IT security specialists face a real challenge in distinguishing what is real in this age of fake news and misused identities on social networks. We talk to our guest about the main challenges of security online.

Patrick Jones, ICANN expert

– What are the most relevant globally discussed cybersecurity issues now?

– During the training at KTU I spoke about DDoS (Distributed Denial-of-Service) attacks that are very common, the use of so-called botnets, as well as the use of poorly protected and configured user devices (surveillance cameras and other devices of the internet of things) online that aggravate the activities of networks and reduce their security.

ICANN and other internet organisations provide the recommendations for protection against the most common methods of falsification of DNS (Domain Name System) inquiries by directing the domain names to the fake websites. The number of global crimes related to DNS falsification and the use of similar domain names for the creation of fake websites or e-shops is increasing. I think currently these are the most relevant security issues discussed around the world.

– Maybe cybersecurity is an over-emphasised issue and real threats are significantly less serious than we are being told?

– In terms of ICANN organisation, we see various actors on stage who aim to use DNS to achieve their purposes and benefit. A part of the actors aims to get data for their businesses by stealing information for sales purposes, theft of intellectual property and appropriation of financial data. The news tells many stories of the users' data leaked by hackers and even attacks on financial institutions.

– What are the most commonly noticed cybercrimes related to the data use and DNS?

– Criminal gangs try to create similar domain names, mislead and direct the visitors to fake websites or shops aiming to get their financial or personal information. Such fake websites look like official websites, they often use very similar domain names with only one letter difference or they use diacritics of national languages, which makes it very difficult to distinguish between a real and a fake shop. Usually, the users are directed from fake websites to the websites of the criminals with specific software enabling stealing the data of their credit cards, bank accounts with e-banking and other important data.

– Do the restrictions of the publication of domain holders' personal data stipulated by the increased requirements of personal data protection (GDPR) complicate the examination of cybercrimes? Or maybe, on the contrary, it prevents the hackers from finding out the person’s email required for login in many systems?

– We hear the warnings of security specialists about the use of the same passwords for registration to the online accounts; therefore, new mechanisms for information disclosure are being developed; they authenticate the users when login requires more than just an email and password, while personal email addresses and other data are not published due to the requirements of personal data protection and cybersecurity reasons. It is good that we are moving in this direction and personal data are protected.

Moreover, there are discussions regarding the transfer of the users' personal data to the third parties if there is a need to protect the rights: who can get the data of domain holders – trademark holders, trademark protection consultants, other lawyers, police, etc. Unfortunately, there is no consensus yet on who can get the information on domain holders and how.

– KTU has the Master’s study programme “Protection of Information and Information Technologies”. How do you see the prospects of this programme and the need for the programmers with knowledge of cybersecurity technologies in the market?

– There is a very high demand for such specialists, particularly in the USA. The need for IT security engineers is also increasing in Europe and Asia because they need specialists who would be competent in the area of IT security. In particular, there is a lack of experienced specialists who could withstand the hacker attacks and install security solutions for preventive protection against them. The market of such specialists is growing and the fact that KTU has such a study programme is good news for Lithuania.

– Does every company need to have an IT security specialist today?

– If it is a big business with complex IT systems that are essential for the insurance of business and production processes, such companies usually have IT divisions with IT security teams. Even smaller and small businesses have to ensure the security of their systems; therefore, knowledge and competence in this area with abundance of everyday challenges are very important.

– What advice would you give to the internet users and creators of the websites and e-shops to make everyone feel more secure online?

– I think the most important aspect for the users is to ensure protection of their login, user authentication data and passwords. The login data to the website’s server content management system, domain control panel, email or e-banking have to be carefully protected and never repeated. The most common mistake is the use of the same password; therefore, you should never use the same password for the authentication in various systems. If the password is leaked in one system, all the other systems using the same password become vulnerable – bank, email, cloud computing services, etc. Never click any links in your emails to log onto your bank, email or other important systems. It is a common trap for inexperienced users when similar domain names are used and fake websites are created aiming to get the users' login data.

If you have a business online, a website or an e-shop, you should use SSL protocol for the transfer of data between the user’s device and the server. You should request SSL support in the server from the website hosting or server leasing companies so that you could use HTTPS; you should also learn about the use of DNSSEC for protection of the domain’s DNS and multi-level authentication solutions.

The use of the payment plugins of the third parties of good repute, for example, “PayPal”, in the content management systems (when the users enter the data required for their payment in the website of high-security payment platforms) increases confidence in the e-shop. It is a solution of good security practice that increases the users' confidence in the e-shop.

We have to be responsible for security online

Tomas Mackus, DOMREG

The Head of the Client Service Office Tomas Mackus tells about the measures taken by KTU Internet Service Centre DOMREG to make the Lithuanian internet more secure:

“The key areas of the application of the information security policy of .lt registry – provision of the services of the domain name register and uninterrupted functioning of the domain name system (DNS). We are happy that ICANN shares the latest information on the realities of DNS and helps to increase the competence of the Lithuanian IT specialists.

The insurance of the information security is a very important area for any company or organisation; therefore, we consistently plan, implement, inspect and improve our information security control system installed according to the requirements of the standard ISO/IEC 27001:2013.

We contribute to the security of the internet and fight the criminal offences in the domain registration in cooperation with the representatives of the law enforcement who investigate cybercrimes. We advise the customers of domains to register all similar domains related to their activities, instead of waiting for them to be used by the criminals. If a trademark contains the specific Lithuanian letters ą, č, ę, ė, į, š, ų, ū, ž, we suggest checking both options of the domain – an “incorrectly spelled” using Latin letters and a correct one with specific Lithuanian letters. If they are available – register both of them.

The registration of the domains with specific Lithuanian characters provides easier access to the Lithuanian users, while preventing the criminals and competitors from appropriating or copying your website address and trademark.”
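
The "check both options" advice above, together with the one-letter lookalike pattern described earlier in the interview, can be turned into a small defensive check. This is an added example, not code from DOMREG or ICANN; the function names are hypothetical and the domain names are constructed samples.

```python
import unicodedata

# The nine Lithuanian letters named in the text -> plain Latin spelling.
LT_FOLD = str.maketrans("ąčęėįšųūž", "aceeisuuz")

def fold(name: str) -> str:
    """Lower-case, NFC-normalise and strip Lithuanian diacritics."""
    return unicodedata.normalize("NFC", name).lower().translate(LT_FOLD)

def both_spellings(domain: str) -> dict:
    """The two registrations to check for one name, plus the ASCII (A-label)
    form in which the native spelling shows up in DNS and logs."""
    native = unicodedata.normalize("NFC", domain).lower()
    return {
        "latin": fold(native),
        "native": native,
        "a_label": native.encode("idna").decode("ascii"),
    }

def one_edit_apart(a: str, b: str) -> bool:
    """True if a and b differ by exactly one substituted, added or missing letter."""
    if a == b or abs(len(a) - len(b)) > 1:
        return False
    if len(a) > len(b):
        a, b = b, a
    i = 0
    while i < len(a) and a[i] == b[i]:   # skip the common prefix
        i += 1
    if len(a) == len(b):
        return a[i + 1:] == b[i + 1:]    # one substitution
    return a[i:] == b[i + 1:]            # one extra letter in b

def classify(candidate: str, protected: str) -> str:
    """Compare the first label of a candidate domain with a protected one."""
    c = unicodedata.normalize("NFC", candidate).lower().split(".")[0]
    p = unicodedata.normalize("NFC", protected).lower().split(".")[0]
    if c == p:
        return "same"
    if fold(c) == fold(p):
        return "diacritic-variant"       # differs only in Lithuanian letters
    if one_edit_apart(fold(c), fold(p)):
        return "one-letter"              # lookalike by a single letter
    return "unrelated"

if __name__ == "__main__":
    protected = "ąžuolas.lt"             # constructed sample, not from the page
    print(both_spellings(protected))
    for seen in ["azuolas.lt", "azuolos.lt", "azuolass.lt", "berzas.lt"]:
        print(seen, "->", classify(seen, protected))
```

A domain holder can run `classify` over newly observed or newly registered names to spot the variants worth registering or reporting.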

Published 2019-06-27