Changes

The [[DSFI-TSG]] identified seven categories of attack vectors.<ref>[https://community.icann.org/display/DSFI/DSFI+TSG+Final+Report?preview=/176623416/176623417/DSFI-TSG-Final-Report.pdf DSFI-TSG Final Report, ICANN Community]</ref>

The [[DSFI-TSG]] identified seven categories of attack vectors.<ref>[https://community.icann.org/display/DSFI/DSFI+TSG+Final+Report?preview=/176623416/176623417/DSFI-TSG-Final-Report.pdf DSFI-TSG Final Report, ICANN Community]</ref>

===Identity and Access Management===  

===Identity and Access Management===  

* Attacks on and through credential systems result in the modification of registration data, which can lead to [[Domain Hijacking]], traffic interception, and [[social engineering attacks]].

* Attacks on and through credential systems result in the modification of registration data, which can lead to [[Domain Name Hijacking]], traffic interception, and [[Social Engineering Attacks]].

* when a registrant’s credentials are compromised, the attacker can impersonate the registrant to  

* when a registrant’s credentials are compromised, the attacker can impersonate the registrant to  

*# Transfer the domain out of the registrant’s control,  

*# Transfer the domain out of the registrant’s control,  

*# Modify authoritative records of the domain name, domain registration, or DNS service, or

*# Modify authoritative records of the domain name, domain registration, or DNS service, or

*# Delete or de-register the domain.

*# Delete or de-register the domain.

===Access Control and Authorization===

===Access Control and Authorization===

* Bad actors can gain access to unauthorized services and/or data. In the case of a subdomain takeover, non-authorized users gain access to publish content under a DNS label that they have not been authorized to control.  

* Bad actors can gain access to unauthorized services and/or data. In the case of a subdomain takeover, non-authorized users gain access to publish content under a DNS label that they have not been authorized to control.