.IE Domain Profile Report 2022

Cybersecurity – a key focus for the .ie namespace Number of verified* cyber attacks taken down 0 10 20 30 40 50 60 70 80 Dec 22 Nov 22 Oct 22 Sep 22 Aug 22 Jul 22 Jun 22 May 22 Apr 22 Mar 22 Feb 22 Jan 22 Phishing URL Web-Inject Malware URL Web Shell Shopping Site Skimmer Defaced Website Phishing Dropsite Other Attack Types Survey Scam (y) Package Scam (y) 23 37 29 35 51 36 47 51 49 72 42 42  Phishing URL  Web-Inject Malware URL  Web Shell  Defaced Website  Shopping Site Skimmer  Survey Scam  Phishing Dropsite  Package Scam  Other Attack Types Source: Netcraft monitoring service of .ie domains *Verified by Netcraft .IE is designated as an Operator of Essential Services (OES) under the Network and Information Systems (NIS) directive. As one of the guardians of Ireland’s national critical internet infrastructure , the .ie namespace, we are acutely aware of helping to protect Irish consumers and SMEs from cyber criminals. We take a number of steps to keep the .ie domain safe and this ensures that the level of security threat to .ie websites is considerably lower than other top level domains, such as .com. The SpamHaus Project , an international non-profit organisation that tracks spam and related cyber threats such as phishing, malware and botnets, collates a Badness Index for top level domains. The Badness Index for .ie is 0.0% / 0.00. Manually review .ie applications Only individuals and businesses with a provable connection to Ireland can register a .ie domain, and applications from new customers are manually reviewed to ensure that they meet this requirement. This process keeps the .ie domain largely free from registrations by bad actors for their quick-moving scams and other illegal activities that unmanaged registries cannot detect as easily. Consumer protection protocols We have established protocols with regulators to address online illegality and to permit ‘take-down’ of .ie websites under certain circumstances. There is a Regulatory Authority Protocol for dealing with illegal content on .ie websites. The regulatory authorities with whom we engage include the Corporate Enforcement Authority, the Competition and Consumer Protection Commission, the Central Bank and the Garda National Cyber Crime Bureau, amongst others. 514 Jan – Dec 2022 .IE Domain Profile Report 2022 | 1 Proactively respond to online abuse We employ Netcraft , who provide internet security services, including cybercrime disruption. These services allow us to proactively respond to online abuse issues, such as websites that are hosting malware, phishing or botnets. Netcraft notifies our Registrars (companies that sell and manage .ie domains on our behalf). The domain holder can then, with the help of their Registrar or hosting provider, take the required corrective action. Netcraft will monitor the website after the fix to ensure the issue is resolved. This service is invaluable as it helps innocent victims, such as SMEs, who might be unaware that they have experienced a cyber attack, to take the required remediation action.