The Security Effects of Internationalized Domain Names

Over the years, many changes have been made to the Domain Name System (DNS). Some of these changes were made to allow internationalized domain names, or IDNs. The concept behind these is simple: to allow language-specific scripts or characters that are not part of the usual Latin alphabet to become part of domain names.

However, the security and cybercrime implications of international domain names have to be considered. We know that criminals jump at every new technological development to make money… and that some open the doors to cybercrime more easily than others.

This is a subject I’ve been thinking about for a while. There are a number of facets to the IDN discussion, and a number of associated risks.[…]

Several internationalized domain names have already been approved for use by the following countries, namely:
China (中国 and 中國)
Egypt (‏مصر)
Hong Kong (香港)
Russia (рф)
Saudi Arabia (السعودية)
Taiwan (台灣 and 台湾)
United Arab Emirates (امارات)

The first threat that comes to mind is domain squatting in these new country-code domains. Let’s consider a theoretical example of the (fictional) company Bingo. Suppose someone registers bingo.рф before Bingo gets around to it.

The customers of Bingo would be exposed to phishing from bingo.рф before the legitimate Bingo organization is able to register their domain. (This threat would occur anytime a new TLD is approved that is applicable to an existing organization.)

It gets worse. With a valid registration, it would not be hard to prove that a domain is legitimately owned and thus get an SSL certificate. This could lead users to believe they are visiting the legitimate site.The only real solution here is vigilance on the part of the domain owners and registrars, and careful scrutiny on the part of computer users.

http://blog.trendmicro.com/the-security-effects-of-internationalized-domain-names/

Leave a Reply