GTBank website outage was likely caused by a delay in domain name renewal, not a hack

While early reports from several publications claimed the website of Guaranty Trust Bank (GTBank) was taken offline because of a cybersecurity attack, the truth may be a lot less dramatic. The bank’s website was offline from Tuesday night until the early hours of Thursday as IT teams worked to solve the issue. 

Four people with knowledge of the matter told TechCabal that the downtime was caused by a problem with the website’s domain name system (DNS) configuration. 

“They had issues with their domain name registration, and they had to make some changes or move it to a different domain name service,” a Chief Technology Officer (CTO) at one of Nigeria’s biggest fintechs told TechCabal. He asked not to be named so he could speak freely.  

Those comments suggest that GTBank forgot to renew ownership of its domain name. Such a lapse may have presented an opportunity for unknown persons to buy the domain name in the hope that the company would be willing to pay a significant amount to get it back.

“If GTBank has already patented its [website] name, they simply need to report the matter to the domain host, and after a few processes they can retrieve the site,” said a web developer who asked not to be named. “It is not a matter that can be simply resolved in a day. It will take time.”

GTBank did not immediately respond to a request for comments.

Lapses in renewing a company’s domain name are common. In 2015, Google missed the deadline to renew ownership of “google.com,” and a former employee bought it for $12. Google, which also owned the domain service provider, Google Domains, quickly reversed the transaction.

Microsoft also forgot to renew ownership of the hotmail.co.uk website in 2003.

“The custodian of the email tied to the domain name may have simply stopped working at the bank and didn’t hand it over to someone else,” one developer told TechCabal. He also suggested that the bureaucracy involved in vendor payment may have delayed the renewal.

At the time of this publication, some GTBank customers could access the website while others couldn’t. The problems with access could be linked to DNS propagation, which refers to the time it takes for changes to the domain record to take effect across all servers.

It could also be caused by a security feature called HTTP Strict Transport Security (HSTS) that forces browsers to connect to the website only over a secure encrypted connection. Banks use this feature to secure customer information.



from TechCabal https://ift.tt/450L1je