.ie Domain Profile Report 2023

Cybersecurity – a key focus for the .ie namespace Number of cybersecurity attacks identified January – December 2023 0 20 40 60 80 100 Dec 23 Nov 23 Oct 23 Sep 23 Aug 23 Jul 23 Jun 23 May 23 Apr 23 Mar 23 Feb 23 Jan 23 Phishing URL Web Shell Defaced Website Web-Inject Malware URL Shopping Site Skimmer Survey Scam Other Attack Types Package Scam Phishkit Archive 53 31 42 27 40 43 52 48 92 44 48 32  Phishing URL  Web Shell  Defaced Website  Shopping Site Skimmer  Web-Inject Malware URL  Package Scam  Survey Scam  Phishkit Archive  Other Attack Types Source: Netcraft monitoring service of .ie domains Under the Network and Information Systems ( NIS ) Directive .ie is designated as an Operator of Essential Services (OES). As one of the guardians of Ireland’s national critical internet infrastructure , the .ie namespace, we are acutely aware of helping to protect Irish consumers and SMEs from cyber criminals. We take a number of steps to keep the .ie domain as safe as possible and this ensures that the level of security threat to .ie websites is a lot lower than other top level domains, such as .com. The SpamHaus Project , an international non-profit organisation that tracks spam and related cyber threats such as phishing, malware and botnets, collates a Badness Index for top level domains. The Badness Index of .ie is 0.1% / 0.00 compared to .cn China of 18.2% (score 1.64).. Proactively respond to online abuse We employ Netcraft , who provide internet security services, including cybercrime disruption. These services allow us to proactively respond to online abuse issues, such as websites that are hosting malware, phishing or botnets. Netcraft notifies our Registrars (companies that sell and manage .ie domains on our behalf) and the .ie domain holder. The domain holder can then, with the help of their Registrar or hosting provider, take the required corrective action. Netcraft will continue to monitor the website after the fix to ensure the issue is resolved. This service is invaluable as it helps innocent victims, such as SMEs who might be unaware that they have experienced a cyberattack and can take the required remediation action. Enforcing consumer protection protocols We have established protocols with regulators to address online illegality and to permit ‘take-down’ of .ie websites under certain circumstances. There is a Regulatory Authority Protocol for dealing with illegal content on .ie websites. The regulatory authorities with whom we engage include the Corporate Enforcement Agency , the Competition and Consumer Protection Commission , the Central Bank and the Garda National Cyber Crime Bureau , amongst others. Manually review .ie applications Only individuals and businesses with a provable connection to Ireland can register a .ie domain , and applications from new customers are manually reviewed to ensure that they meet this requirement. This process keeps the .ie domain largely free from registrations by bad actors for their quick-moving scams and other illegal activities that unmanaged domains cannot control as easily. 552 Jan – Dec 2023 .ie Domain Profile Report 2023 | 1