Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Security Infrastructure

CloudFlare Launches Security-Focused Domain Registrar

Web performance and security company CloudFlare today announced the launch of CloudFlare Registrar, a security-focused service designed for organizations that own high-value domains.

Web performance and security company CloudFlare today announced the launch of CloudFlare Registrar, a security-focused service designed for organizations that own high-value domains.

High-profile domains can be targeted by malicious actors in DNS poisoning attacks, allowing them to redirect a site’s visitors to an arbitrary domain, or silently intercept and modify traffic.

Several major companies, including Google and Craigslist, have had their domains hijacked over the past years due to registrars that failed to prevent attackers from making unauthorized changes. In some rare cases, organizations forget to renew their domains, which can also result in financial loss and a negative impact on their reputation.CloudFlare launches registrar

Since it couldn’t find a high-security registrar to protect its domains, CloudFlare has decided to launch its own service and offer it to customers with high-value domains. The problem, according to the company, is that while security measures designed to protect domains and registrants exist, they haven’t been widely implemented.

CloudFlare Registrar customers will not have to worry about unauthorized changes to their domains as they can require formal approval from multiple stakeholders within their organization when making modifications, CloudFlare said. This is a very important procedure, as demonstrated by the 2013 incidents in which hacktivists of the group KDMS managed to hijack the domains of several high-profile companies after social engineering employees of Web.com-owned Network Solutions.

“Customers who care enough about the security of their website to use CloudFlare are still at risk to domain hijacking via their registrar. By offering registrar services to CloudFlare Enterprise customers, we instantly eliminate the additional risk a third-party registrar may overlook,” explained Matthew Prince, co-founder and CEO of CloudFlare.

Another advantage for CloudFlare Registrar customers is that their domains will never expire — the security firm says its service will automatically renew them when there is less than one year before they expire.

CloudFlare Registrar is an ICANN-approved service created specifically for high-profile organizations, for which protecting their domains is a top priority; the offering is not for the general public.

“CloudFlare Registrar isn’t for the masses, it’s for organizations that would make a front-page story if they lost their domains,” Prince noted. “There are plenty of great mass-market registrars available today, but now high-profile organizations don’t need to settle for a one-size-fits-most security approach when it comes to their online brands.”

Advertisement. Scroll to continue reading.

RelatedFive DNS Threats You Should Protect Against

RelatedFacebook, CloudFlare Want SHA-1 Alive in Older Browsers

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Malware & Threats

The NSA and FBI warn that a Chinese state-sponsored APT called BlackTech is hacking into network edge devices and using firmware implants to silently...

Security Infrastructure

Security vendor consolidation is picking up steam with good reason. Everyone wants to improve security efficiency and effectiveness while paying for less.

Management & Strategy

Hundreds of companies are showcasing their products and services this week at the 2023 edition of the RSA Conference in San Francisco.

Cloud Security

The term ‘zero trust’ is now used so much and so widely that it has almost lost its meaning.

Security Infrastructure

Instead of deploying new point products, CISOs should consider sourcing technologies from vendors that develop products designed to work together as part of a...

Security Infrastructure

Comcast jumps into the enterprise cybersecurity business, betting that its internal security tools and inventions can find traction in an expanding marketplace.

Audits

The PCI Security Standards Council (SSC), the organization that oversees the Payment Card Industry Data Security Standard (PCI DSS), this week announced the release...

Security Infrastructure

XDR's fully loaded value to threat detection, investigation and response will only be realized when it is viewed as an architecture