China Domain Name Registration Changes Could Reduce Malicious Sites, Researchers Say
China has changed its domain name registration process as part of what its government says is a crackdown on Internet porn. Security researchers believe the changes could help limit the number of malicious sites using the .cn top-level domain.
When McAfee published its list of the most dangerous Web domains,
However, some security researchers say that may change as a side effect of China tightening its control over the Internet. Chinese authorities recently changed their domain registration process to require that domain name applicants submit a formal paper-based application when making an online application to the registrar. This includes the original application form with business seal, the company business license and a photocopy of a registrant ID.
"This change will make the .cn domain very unattractive for criminals and fraudsters who are looking for domains for which they can register anonymously, preferably paying with stolen credit card information," blogged McAfee security researcher Toralv Dirro. "This would be a great step in making the domain name space of .cn a safer place and...would in fact make
The new rules essentially prohibit any individual from registering a domain by limiting applicants to state-licensed businesses. The rule changes are part of a larger war Chinese officials have said they are launching against Internet porn. China's
Such efforts have stirred controversy, however, because they have been used in the past as a way to block political content.
Of the 27 million Websites and 104 top-level domains McAfee rated for its latest report, 5.8 percent, or more than 1.5 million, pose a security risk. In its third annual Mapping the Mal Web report (PDF), McAfee gave the .cn domain a weighted risk of 23.4 percent, meaning there is a better than one-in-five chance a .cn Web site will be malicious.
Researchers at Trend Micro reacted favorably to China's move as well, though they questioned China giving domain name applicants five days' worth of leeway when it comes to receiving the paper-based application.
"Malicious URLs can infect as many users that are led to them in as little as a few minutes," according to a post on Trend Micro's blog. "Cybercriminals thus already benefit even if a URL is up for only a few hours. Giving the cybercriminals a total of 120 hours before a domain gets withdrawn will do very little in stopping their crimes. The new policy is indeed a good start; it is however rather unfortunate that it is not enough to stop modern threats."