The government's National Hi-Tech Crime Unit (NHTCU) has had its
web identity snapped up by a private German web firm. The
government has
closed the high-profile unit, but the sale has created security
concerns.
Websites are still linking to the NHTCU even though the domain
name has been sold and has nothing to do with the UK
government.
IT security and control firm Sophos is calling on UK authorities
to take more control of both their current and old websites
following the discovery that http://www.nhtcu.org is in private
foreign hands.
The NHTCU came to an abrupt end in April 2006, when its work was
transferred to the Serious Organised Crime Unit (Soca).
Yet, websites around the world still link to and point readers
to the NHTCU site. As recently as this weekend, the BBC linked to
the website from a story about Nasa hacker
Gary McKinnon.
Sophos experts have discovered that the site is no longer owned
by the UK government, but by an enterprising German internet
marketer who bought the domain on 2 August 2008.
"While there is no sign of malicious content or adware on the
site at the moment, there is no guarantee that this situation is
going to remain the same forever," said Graham Cluley, senior
technology consultant at Sophos.
"If you can 'steal' the identity of the National Hi-Tech Crime
Unit from under the government's nose, what message does that give
the world about the state of the nation's computer security?
Letting the domain name go like this demonstrates a sloppiness on
the part of the authorities."
Sophos said that although the current owner, Uwe Matt, has done
nothing illegal in buying the site, the authorities should never
have allowed the purchase to happen.
According to Sophos, it is likely that Uwe Matt bought the site
to get higher rankings on search engines, but that there is nothing
to stop him selling the website domain on to someone else who may
use the site to host malicious code or spam-related content.
With reputable organisations still linking to the site, the
danger is that innocent computer users could accidentally find
themselves the victim of a cyber attack.
"In the worst possible scenario, fraudsters could in future use
the site to pretend to be the National Hi-Tech Crime Unit and try
to harvest confidential information from computer crime victims,"
said Cluley.
"This situation may never arise, but the message is clear: all
organisations must take proper care of their website domains,
especially if they are widely linked to from other sites."
Sophos has published a
video exploring the rise and fall of the NHTCU website.
Domain name move could trigger flood of disputes >>
Cybersquatting plagues pharmaceutical brands >>