Following the Cisco report released yesterday, Nominet – the organisation responsible for the .UK domain – has issued the following statement about the safety of the UK domain’s DNS, and has also offered advice for businesses:
Cath Goulding, Head of Cyber Security at Nominet:
“From a .UK perspective, Nominet has taken steps to ensure that the country’s top-level domain and DNS is secure from this sort of attack by applying a layered security approach. This includes two factor authentication (2FA) across our systems and Domain Lock for our registrars.
While 2FA helps verify authenticity, Domain Lock is a tool by which registrars can literally ‘lock’ domains so that no changes can be made without thorough authentication of the domain name owner via 2FA. We are continually monitoring the situation, and would reassure the majority of consumers trying to access .UK domain names.
For businesses that have their own DNS provisions, we would recommend checking your DNS settings manually to ensure they are still pointing to legitimate servers. The issue with this sort of attack is that it’s incredibly difficult to spot. We would recommend implementing stringent access protocols for your DNS settings, such as multi-factor authentication, as this additional layer of security makes it much harder for hackers to gain access to your systems.”