ICANN Scrutinized in Wake of Panix Attack
"There was an error in the checking process prior to initiating the [domain name] transfer, and thus the transfer should never have been initiated," Bruce Tonkin, the chief technology officer of Melbourne IT, said. "The loophole that led to this error has been closed. That reseller is analyzing its logs and cooperating with law enforcement."
Internet service provider Panix had plenty to panic about over the weekend when its domain name was hijacked by unknown parties. The mystery has since been solved, but the aftermath has some pointing the finger at a new policy the Internet Corporation for Assigned Names and Numbers (ICANN) recently issued to make it easier to transfer domains.
The hijacking disrupted e-mail, Web access and other connectivity to panix.com for thousands of customers when the domain was unknowingly moved to a company in Australia.
Tangled Web Unwoven
It was a tangled web that was unwoven today by domain registrar Melbourne IT in an e-mail message to The North American Network Operator's Group mailing list.
"There was an error in the checking process prior to initiating the transfer, and thus the transfer should never have been initiated," Bruce Tonkin, the chief technology officer of Melbourne IT, said. "The loophole that led to this error has been closed. That reseller is analyzing its logs and cooperating with law enforcement."
Apparently this is not the only domain hijacking since ICANN implemented its Inter-Registrar Transfer Policy last November to streamline domain transfers between registrars. The ICANN message boards reveal a posting by George Kirkikos claiming that aem.com, f3.com and xybererotica.com appear to have been hijacked as well.
The new rules allow transfers to proceed with a customer confirmation by the gaining registrar but without approval from the losing registrar. Some registrars had warned ICANN that the changes would also make it easier to hijack domains.
Jupiter Research analyst Joe Laszlo told the E-Commerce Times that domain hijacking is not very common, though there have been some high profile cases where well known brand names have let their URLs lapse and had to fight to get them back.
"It seems like it was awfully easy for people who weren't authorized to initiate a domain transfer to do so," Laszlo said. "It's tough to say if it's ICANN's fault, although it does seem like certain procedures need to be strengthened. I would hope this causes ICANN to start revisiting some of its procedures."
ICANN is requesting public comments on experiences with the new policy, which went into effect in November 2004.