Network Solutions Lacks Solutions for Domain Name Hijacking
Although somewhat relieved this security breach did not originate from our site, I was still perplexed as to how an exploit so damaging could exist at Network Solutions. I'm no business expert, but when you run a company dedicated to securing domain names, and your company is not able to secure domain names, perhaps you should reevaluate your long term business strategy and services. I hear there's a big demand for video software that displays rippling American flags in the background with the text "ELECTION 08" plastered across it in patriotic Impact font.
1:29 PM - I once again contact Network Solutions' "Gold VIP Member" tech support, morbidly curious as to how painful this entire process would be using their Silver VIP tech support or, god forbid, Bronze support. That probably just connects you with a fat shirtless guy in a garage who picks up the phone and slams the receiver against a giant wooden speaker blasting cutscenes from Shockwave Assault: Invasion Earth 2019. Not that I disagree with such a procedure, I'm just worried it won't be as effective advocating customer suicide.
I connect to the next perpetually furious tech support person, who agrees to revert our nameservers once again. I casually ask when Network Solutions decided to adopt a corporate policy encouraging completely random people to alter their clients' private registration information, thereby destroying their business. The customer support representative claims they have no such policy, shortly before surprising me with an unexpected question.
"Did you just change the nameservers on your domain again?" Yes, that's correct, while waiting on the phone, our Network Solutions nameserver data had been hijacked yet again! And to top it off, the tech support gnome seriously believed I changed our nameserver address while waiting on the phone, asking them to revert these changes to our nameserver! Hushed internet rumors whisper of a Network Solutions' mythical "Platinum" VIP tech support team, an elite collection of the few superhuman geniuses able to pass the infamous Network Solutions Platinum VIP Employee Test (they have to figure out how to ride a public bus AND count $1.50 in correct change).
Two facts grew painfully apparent at this point in time:
1. The security breach which had knocked our entire business offline was exploited directly through Network Solutions itself.
2. The nice ladies and gentlemen working at Network Solutions didn't particularly care about this gaping security hole.
Unfortunately, both assertions were repeatedly reinforced over the following two weeks. I gradually worked my way up the tech support ladder Wednesday afternoon, speaking with two separate entities who showed off their fancy job titles containing important words like "executive" and "specialist" and "vice president," which I'm sure would be awesome and help me out a whole bunch if only they weren't members of the Network Solutions Department of Ridiculously Powerless People Locked in a Haunted Broom Closet.
Having exhausted all methods preventing unauthorized folks from exploiting Network Solutions to change our site's private information, I immediately asked for Something Awful's domain to be legally locked. Merely changing your Network Solution username, password, and security question fails to affect your domain security whatsoever. What a ludicrous assumption! The only way to restrict random people from altering your Network Solutions account is by requesting then to put a legal lock on your domain. I have no idea if this process affects the hijacker's ability to view your private registration data and personal account details since Network Solutions still has no clue how it originally happened.
The random executive account specialist space astronaut Network Solutions shoved towards a phone explained to me they "opened a report" and "began an investigation" regarding the hilarious hijacking hijinx of wacky Wednesday. She sounded really serious when she told me this; it was like a female version of David Caruso deftly swiping sunglasses from her face and remarking something along the lines of "looks like the hunter... has become... the hunted." I wonder how many green and orange flood lights are installed in each Network Solutions Important Investigation Cubical / Coat Donation Drive 2008 Pile.
A pleasant surprise greeted me the subsequent morning; nobody had hijacked our site overnight! It's always an exciting treat to wake up and notice Network Solutions has failed to let anybody shut down your entire business! I waited a few hours for my top secret ultra important Network Solutions contact to call back and offer any details of their exciting investigation. As you can probably guess, nobody bothered getting in touch with me, forcing me to phone them yet again. And as you can probably guess once more, nobody bothered answering the phone. Network Solutions employees are grown in vats and genetically engineered to ignore ringing phones and emails containing any combination of "tech support" and "request." I eventually received a call around 5:00 PM that day, revealing... wait for it... the investigation was not complete and they subsequently had nothing to report! Hooray! Go get 'em, Encyclopedia Brown!
Now pretend I just copied and pasted the proceeding paragraph 12 more times, one for each day of the week up until today. Sometimes the folks at Network Solutions decided to "spice things up" a bit by instructing me to dial a different phone number for a different employee who takes a different amount of hours to return calls. A few times they promised me to call each day, even if they had nothing new to report, a promise which lasted a grand total of zero days and zero calls. The only information I managed to squeeze from them are the following facts:
1. The security exploit was absolutely, positively through Network Solutions, not SA, and they are "taking steps to address it." Please do not ask me what "it" is. You'll have to wait until they release their exciting investigation report, "How to Prevent It." Regardless, we're not at fault.
2. "It" has happened to other sites registered through Network Solutions, and is apparently not a new phenomenon. Whew, I feel much better knowing other webmasters could also have their sites stolen from them!
Here we are, two weeks later, and Network Solutions still cannot determine how somebody exploited their system to access and alter our private registration information. This security hole resulted in our website and entire business shutting down, inaccessible to most people for up to a week afterwards (due to inherent ISP DNS caching). An individual possessing unrestricted control of a company's nameserver entry could easily cause unlimited damage to them and their customer base if not immediately addressed. Yet Network Solutions somehow managed to overshadow this complete lack of account security with an equally horrendous lack of customer service.
If you own a domain registered through Network Solutions, please put a legal lock on it as soon as possible; there's apparently no other way to prevent an unauthorized user from accessing and changing your nameserver settings. Based on this limited information provided to me, I can only assume what happened to our site can potentially happen to anybody else using their domain registration service. If this is not the case, then I actively encourage Network Solutions to take a moment from their busy schedule and maybe, oh I don't know, reveal what the hell happened? I'll report on all related news if our site miraculously manages to avoid morphing into a parked domain placeholder page once again.
Article update (1-18-08) on following page!