Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

Scandal as UK crime domain sold to German

Controversy as the UK's National Hi-Tech Crime Unit's domain is sold to German man.

The now-defunct UK government agency responsible for investigating computer crime, the NHTCU, no longer owns its domain name after it was sold to an enterprising German internet marketer.

The National Hi-Tech Crime Unit (NHTCU) was established in 2001 to fight high tech crime, but its duties came to an abrupt end in April 2006, when it was transferred to the Serious Organised Crime Unit (SOCA).

While the ownership of a defunct website does not sound overly troublesome, it a serious issue, because many websites around the world still have links pointing to the old NHTCU website. This includes a link to old NHTCU website on the Home Office's own web pages.

The problem came to light at the weekend, after Graham Cluley, senior technology consultant at Sophos, was reading an article on the BBC news website about the NASA hacker, Gary McKinnon.

He noticed a link to the NHTCU website on the BBC article and clicked on it, but instead of being confronted with the usual NHTCU webpage redirecting people to the SOCA website, he was instead confronted with a website advertising a German holiday.

The Government, it seemed, no longer owned the www.nhtcu.org website, which in early August had been sold to a German, Uwe Matt.

"It is pretty sloppy," said Cluley. "The NHTCU website was shut down a few years ago, but until recently, the page redirected people to where they are supposed to go (SOCA). But it seems that someone was not watching this registration, or ignored the renewal form."

"The problem is that many sites and government pages are linked to this page," he added. "Indeed, the Home office crime reduction website links to this site."

Cluley told the UK's Techworld Web site that at the moment, the site does not contain malware.

"There is no reason to think it will in the future," he said. "But there is the potential for the unscrupulous use of the site for nefarious purposes. It could contain malware, or indeed, claim to be the actual NHTCU website, which if it asked users to fill out their details, would lead to identity theft."

"Domains like this very valuable, because lots of sites link to it, like the BBC, which gives it better credibility under Google's search rankings.

"It is enormous irony that the people who are advising about identity theft, have managed to have their own identity stolen," said Cluley. He reckons the sites new owner is a domain speculator, as his own website lists him as the "owner of hundreds and hundreds of websites."

Attempts to contact the website owner, Uwe Matt, were unsuccessful.

Indeed, a WHOIS search revealed that the owner of the NHTCU website is PrivacyProtect.org, a Dutch website that people can use to replace their contact details with alternate contact information. When Techworld attempted to reach the owner, via PrivacyProtect.org's "Contact the Domain Owner" online form, it returned the following error message.

"This Domain is not Privacy Protected and the Owner (Registrant) contact information is available from the public Whois."

This is despite PrivacyProtect.org being listed as the domain owner. The listed telephone number also points to PrivacyProtect.org.

Cluley says the case is a stark warning to people to make sure that the sites they are providing links to, really is the legitimate website, as the ownership can change.

"It is a warning for all of us to be a bit more careful," Cluley said. "Be careful clicking on links, even from reputable sites. It is the wild west out there."

SOCA admitted that renewing the domain registration was its responsibility, but "unfortunately it didn't happen in this case."

"SOCA is aware that registration of the domain www.nhtcu.org has lapsed and is taking the necessary steps to remind partners and stakeholders that the NHTCU became SOCA e-crime in April 2006, and that they should confirm that web links and other references are amended accordingly," said the organization in a statement.

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

More about: BBC, Google, NASA, Sophos, VIA

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the CIO comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Whitepapers
Latest Stories
Community Comments
Latest Blog Posts
Whitepapers
  • Best practices for implementing 2048-bit SSL
    Secure sockets layer (SSL) technology continues to be essential to the growth of the web. With unabated increases in ecommerce traffic along with transmission of personal information, SSL is no longer just a nice to have capability; it is an absolute necessity. The requirement to protect information is further heightened by the universal availability of easy-touse hacking tools such as Firesheep. Read on.
    Learn more »
  • EMC 15-Minute Guide to Smarter Backup Transform your future
    Backup and recovery has become fundamental part of business and an essential element of information management. Information is useless to customers, employees, or business partners can't access it when it is needed. Availability and integrity of information, of the lack of, can directly impact revenues and profits - as well as company reputations. Read more.
    Learn more »
  • Seven Ways Business Activity Monitoring (BAM) Makes Your Supply Chain More Efficient
    webMethods Optimize for B2B offers a set of technology capabilities commonly described as Business Activity Monitoring (BAM). To appreciate the value of Optimize and how it operates in conjunction with webMethods Trading Networks, it is helpful to understand the basic concepts behind BAM and how the technology is applied in a business setting. Read on.
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.