IPv6 – Domain Squatting, Hijacking and Phishing
IPv6, while having lots of advantages, can be expected to bring back the old problems of Domain squatting, Domain name hijacking and phishing.
Domain Squatting (or Cybersquatting) is registering, trafficking in, or using a domain name with bad faith intent to profit from the goodwill of a trademark belonging to someone else. Typically, the cybersquatter after getting the domain name offers to sell it to the person or company who owns a trademark at a very large price.
One of the best defence against Domain Squatting is for the legitimate persons and companies to get the right Domain(s) early. Even if the decision to move to IPv6 totally can be delayed, it would be a good idea to get the domain names now.
The process is quite straight forward and inexpensive. A party wishing to register a domain name may do so by contacting a registrar or companies that have reseller agreements with a registrar. At the time of registration, the registrant provides the registrar with technical and contact information to be associated with the domain name, and enters into a registration Agreement with the registrar. The registrar then submits the information associated with the domain name to the registry, which maintains the authoritative, master database of all domain names registered in a particular Top-Level Domain.
Registrants may choose to transfer their domain names from one registrar to another. Such transfers are conducted according to the Inter-Registrar Transfer Policy (see http://www.icann.org/transfers/).
During this IPv6 transition, another disturbing trend “IP cyber squatting” is expected to come up. Organizations that have received IP addresses in large blocks, might instead of returning it, try to profit by selling the unused numbers to the highest bidder. ARIN (American Registry for Internet numbers) hopes to avoid the problem by encouraging organizations to make the IPv6 transition now and turn in unused IP addresses. According to ARIN, “Internet numbers are issued according to policies that say if you don’t have a need for IP addresses you should return them” and “if required an audit would be conducted to identify and get back the unused IP addresses”.
The possibility of selling the IPv4 for a large payout and still remaining the registered owner of the block in the whois and RIR databases may sound attractive (and even legitimate) to some. But any activity using the IP addresses you have registered, brings the responsibility of any activity using it to fall on your shoulders.
Trend Micro predicts that “As users start to explore IPv6, so will cyber criminals”. They also comment that regional TLDs (Top-Level Domains) that will introduce “Cyrillic characters in place of similar-looking Latin characters” as a means of phishing attack. Refer to http://www.mydigitalfc.com/news/phishing-attacks-becoming-more-localised-and-targeted-231 for some interesting information on phishing.
Domain name hijacking refers to the wrongful taking of control of a domain name from the rightful name holder. Detailed information of domain name hijacking and how it can be avoided is available at http://www.icann.org/en/announcements/hijacking-report-12jul05.pdf. The significance of Domain hijacking can be understood by what the report says:
- Domain hijacking can disrupt or severely impact the business and operations of a registrant, including (but not limited to) denial and theft of electronic mail services, unauthorized disclosure of information through phishing web sites and traffic inspection (eavesdropping), and damage to the registrant’s reputation and brand through web site defacement.
- The report illustrates how the domain hijacking incidents often affect more parties than the rightful name holder: customers, business partners, consumers of services provided by the name holder, and even parties wholly unrelated to the name holder are often “collateral damage” to hijacking incidents.
Based on the findings and recommendations of the above mentioned report, ICANN seems to have changed the policies (available at http://www.icann.org/en/udrp/) to ensure speedy resolution of domain name disputes.
The general opinion is that in spite of the large number of such cases and their impact, enough has not been done to prevent these problems like domain name thefts and abuse and it is left to the individual users to take steps to protect themselves.
While planning for IPv6 (even if the decision to remain in IPv4 for some more time to come), it is advisable for organizations to have these aspects of squatting and hijacking in mind and take preventive actions.