Hi-tech cops lose their website
Forget to re-register did we?
The lapsed website of the UK's National Hi-Tech Crime Unit has been snapped up by an opportunistic German marketeer.
Up until recently nhtcu.org redirected to the official website of Serious Organised Crime Agency (SOCA). SOCA was created in April 2006 with the merger of the National Crime Squad, the National Criminal Intelligence Service, the National Hi-Tech Crime Unit (NHTCU).
NHTCU became SOCA's e-crime division, and its former website was redirected to the official SOCA site. But recently this registration was allowed to lapse allowing a German marketeer Uwe Matt of digitalsuccess.biz to buy the domain on 2 August.
German marketeer lays towel on nhtcu website
The change was picked up by Graham Cluley, a security consultant at Sophos, in following a link from a BBC story about moves to extradite accused Pentagon hacker Gary McKinnon. The site contained pictures of surveillance cameras and an odd tale about the splendid security performance of a German hotel earlier this week, Cluley reports.
The content of the site has since been changed to include a link back to the SOCA website, though not an automatic redirection. At no point did the site host malware. The German marketeer who bought the site claims his intentions are strictly honourable.
"We have no fixed intentions for this domain at present and would welcome any ideas or suggestions about how it might be best used," the site's new owner (digitalsuccess.biz) states.
Many organisations still link to the nhtcu.org site, presenting it as a source of information on the fight against cybercrime. Between 2001 and 2006 NHTCU had considerable success in bringing a motley crew of would-be cyberblaggers and phishing fraudsters to justice (malware authors were handled by Scotland Yard's cybercrime division). This work led media outlets, computer security firms and British government departments to link to the NHTCU.org site.
Sophos speculates that Matt may have bought the site simply in order to snap up a domain with a high search engine ranking at a bargain price. The concern is that there is nothing to stop the sale of the domain to someone with more nefarious designs.
Cluley suggests its new owners would do well to donate the site back to SOCA. We've relayed this suggestion to digitalsuccess.biz and await its response with interest. ®
While I don't like bottom-feeding opportunists like this German guy (who says it's only Americans that behave like this? :) ) there's no excuse for any organisation's IT department to allow lapses like this. The sharks are out there waiting to snap up any expiring domain names that have gathered value and it is the IT department's responsibility to keep domain registrations up to date.
As IT manager of my company, I made it my PERSONAL responsibility to ensure all our domains are re-registered as they come up for renewal. It's a small task, easily missed and forgotten about, but also easily and quickly taken care of, and as such I don't delegate it to anyone else. That way, I know it's being done, and I'll wear the egg if I lose a domain. If more ITOs took responsibility for their jobs, these sharks wouldn't have a market.
Of course, if one of our clients no longer wants a domain, or we have no further use for one, then we'll renew it anyway and park it for sale ourselves to anyone that wants it. If we built up its value, then we deserve to profit from its sale. If in this case SOCA no longer wanted the domain, they really should have done the same thing. At least then they'd have a) profited from it, and b) retained some degree of control over who it went to on the first sale.
re: SOCA, seriously?
No, but there's LHOCA - the Light hearted Organised Crime Agency - tasked with investigating the recent upswing in the pieing statistics.
And while I'm at it, how could I fall to mention the Silly Organised Crime Agency - those old ladies attacking people are a serious menace, these days I tell you.
I don't get it...
Why should they re-register it when it's (a) a discontinued department name and (b) an inappropriate TLD anyway?
Has anyone thought that they might have let it lapse DELIBERATELY because it wasn't what they were called any more?! The press might like to have a laugh at them, having received a press release from Klaus Winkelhacker - but really it's entirely possible that this was deliberate and the only stupid people are the ones NOT linking to the CURRENT URL!