The French National Cybersecurity Agency (ANSSI – Agence Nationale de la Sécurité des Systèmes d’Information) has recently launched an information campaign to heighten public awareness about the dangers of attacks on domain names and the importance of activating the Registry Lock on all sensitive domain names.
Domain name holders are generally aware that they can protect their domain names by locking them at the registrar level. However, for some generic Top Level Domain (gTLD) and country code Top Level Domain (ccTLD) domain name registrations it is also however possible to lock domain names at the Registry level. Wherever this option is available, it should be implemented for business critical and valuable domain names.
Locking domain names at the Registry level provides an additional layer of security against domain name hijacking, unauthorised domain name server (DNS) changes, domain name deletions and fraudulent transfers. Registry Lock services do this by adding additional authentication and manual validation by the Registry and managing registrar before any modification is made.
Awareness of DNS hijacking is growing following high profile cases, such as the 2013 Syrian Electronic Army attack where the DNS for several high profile domain names were re-delegated to alternative DNS, thus bringing down the respective websites. However, many domain name registrants are not aware of the options available to increase the protection on their domain names.
ANSSI is thus recommending that holders of valuable and sensitive .FR domain names protect their domain names by activating the Registry Lock. AFNIC, the French domain name Registry, has been offering this service (the “.FR lock”) since 2015. The Registry Lock service under .FR is only available via AFNIC accredited registrars who have signed up to offer this service.