Google, IBM & Meta Certificates — All 10,000+ Courses at 40% Off
One annual plan covers every course and certificate on Coursera. 40% off for a limited time.
Get Full Access
Explore the security vulnerabilities that arise when government domains expire and fall into private hands in this 40-minute conference talk from 39C3. Discover how expired domains from German federal ministries and agencies were acquired, revealing significant data streams and security risks within government networks. Learn about the months-long investigation that captured DNS queries from federal networks, demonstrating how such vulnerabilities could enable account takeovers, email signature validation manipulation, request redirection, and potentially code execution on government systems. Examine the technical and organizational weaknesses behind these incidents, including misconfigurations, bitsquatting, and typosquatting phenomena within administrative networks. Understand how operating a DNS server and acquiring domains like bund.ee (similar to bund.de through typosquatting/bitsquatting) enabled the reception of numerous DNS queries from servers of the Federal Ministry of the Interior (BMI) and other federal institutions. Analyze practical examples and data findings that reveal insights into state IT infrastructure through DNS details, while exploring why Germany lacks widespread adoption of standardized government domains like gov.uk, instead relying on individual ministry domains that may change with government transitions. Gain recommendations for preventing similar incidents in the future through responsible disclosure practices and improved domain management strategies.
