HK, S'pore tough on domain registration

In 2004, China and Russia were identified as hotspots for spam, accounting for the majority of spam sent to the U.S. and supplying spammers with details of compromised PCs.

But it was only last December that China tightened its ccTLD registration regulations to allow only Chinese businesses to register for the ".cn" domain. The government said the move was part of an effort to crack down on illegal domains in the country that carried spam and pornographic content, though some observers said the regulation was politically influenced.

With the tightening of China's domain name registration, cybercriminals then turned to other domains, namely Russia, Maria Namestnikova, spam analyst at Kaspersky Lab, said in an e-mail interview with ZDNet Asia.

Russia, which previously did not require verification to set up domains, then changed its regulation on Apr. 1 requiring individual applicants to provide a copy of their passports while business applicants were required to supply legal papers when registering for a ".ru" domain, reported Computerworld . There was no mention of whether ".ru" would be limited to only Russian residents.

While China and Russia have only just begun regulating their ccTLD registration, markets such as Hong Kong and Singapore already have strict regulations in place.

In Hong Kong, registration for ".hk" ccTLD is open to both local and overseas applicants who are required to submit documents to support their applications, according to the Hong Kong Internet Registration Corporation (HKIRC) Web site.

For Singapore, registration with the Singapore Network Information Centre (SGNIC) requires proof of qualification "upon request" to ascertain the applicant is qualified to own the domain name. Foreign companies that are not registered in Singapore and wish to apply for a ".com.sg" domain will need to appoint a local registered entity as an administrative contact, according to SGNIC.

HKRIC CEO Jonathan Shea explained that to protect against malicious use of the ".hk" ccTLD, the organization conducts regular checks to identify applications that are likely to be used for fraudulent purposes and will demand more documentary proof from these applicants.

Shea said HKIRC also proactively monitors current ".hk" domains for phishing and "spamvertising" on a daily basis and adopts processes that will allow immediate suspension of malicious domains. The organization also collaborates with the Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT), as well as law enforcement agencies, to investigate malicious use of ".hk" domains.

Legal companies also affected
While such regulations are aimed at curbing cybercrimes, legitimate businesses do bear the brunt of having to adhere to the requirements.

Roger Lim, CEO of Singapore-headquartered hosting provider Webvisions, said the new Chinese regulations, for instance, have resulted in more tedious domain registration. He noted that verification documents have to be submitted to the authorities and applicants cannot remain anonymous when registering for such domains.

Lim said most hosting companies or domain registrars have acceptable policies that advocate fair use and are good deterrents against spammers and malware.

While these developments in China and Russia can help create another defense mechanism against spammers and malware, he described the new legislation as "a blunt tool".

"[It] will probably work, but [the question is] at what cost and to whom?" he noted.

However, Tan Wei Ming, Symantec's Asia-Pacific senior manager of government relations, said the regulations were necessary to protect users.

Without sufficient control of ccTL, Tan said, cybercriminals can use country-code domain names as a guise for a legitimate company and send spam that may then be wrongly interpreted by the recipient as mail from a legitimate source.

China's crackdown, for instance, did make an impact on the country's daily spam volume, he said. After the new legislation was implemented, the daily spam volume from ".cn" domains fluctuated around 20 percent, dipping from the usual average of about 40 percent, he noted.

International collaboration needed
However, greater international cooperation and alignment are needed to better combat against cybercrimes, Tan urged.

Cyberthreats transcend national boundaries, he said, noting that cybercriminals are now more sophisticated and can quickly adapt their tactics and means of exploitation to changing environments.

Kaspersky Lab's Namestnikova added that while cybercriminals will find it more difficult to use "tried and trusted" schemes with the new regulations, they are still able to employ other methods such as short-link services or create third-level domains on other sites.

Asked how it handles domain name abuse, the Internet Corporation for Assigned Names and Numbers (ICANN) said it works with a dedicated security team as well as experts in domain name management. ICANN also established the Uniform Domain-Name Dispute-Resolution Policy to prevent abuse of domain registrations, according to the spokesperson.