Newsletter
IT and Cyber Security News Update from
Centre for Research and Prevention of Computer
Crimes,
Courtesy - Sysman Computers Private Limited, Mumbai (www.sysman.in)
Since June 2005 January
19, 2015 Issue
no 1532
Tenth year of
uninterrupted publication
Todays edition
PHISH : Fake PMO website 'Pradhan mantri adarsh yojna' busted, mastermind
nabbed from Kolkata
ATTACK : France
Sees 19,000 Cyberattacks Since Terror Rampage
STOLEN : China stole plans for a new
fighter plane, spy documents have revealed
THREAT : Cyber
Warfare and Cyber Weapons, a Real and Growing Threat
(Click on heading above to jump to related item. Click on Top to be back here)
PHISH : Fake PMO website 'Pradhan mantri adarsh yojna'
busted, mastermind nabbed from Kolkata
Zee Media Bureau
January 18, 2015
New Delhi: In a major achievement,
Delhi Police Crime Branch busted a fake website of the Prime Minister's Office
(PMO) named 'Pradhan Mantri Adarsh Yojna'.
According to police, the mastermind of
the said racket has been identified as Sudipta
Chatterjee, who managed the website from Kolkata. Police arrested him on
Saturday after getting a secret information about the
fake website which used to cheat several people on the pretext of providing
them government loans after receiving some initial deposits.
The website was being run from Howrah
in West Bengal with an active call centre with 17 telephone callers who used to
give the applicants the registration number of their application form, as per
reports.
Interestingly, the tele-callers
were specially trained by Sudipta and scripts were
provided to them which were prepared with great care and caution, so that the
prospective client had no idea of being cheated.
There were a few clauses about the
banking transactions, in which the client would be persuaded that he has to
maintain a specified amount in his account as security.
The mastermind would also obtain
signed cheques, ATM cards, PIN number of the accounts
and would direct the client that he should not avail any telebanking
or net banking facility on that account.
Once these steps were completed, he
would withdraw the security amount from the client`s account.
Chatterjee also disclosed that his
associate was a web designer who helped him create other domains by the name of
bharat-sarkar.in, govindia.in, CGTMSE-govt.in,
CGTMSE-gov.in.
He also created similar e-mails by the
name of goi@developmentofindia.in and project@developmentofindia.in.
According to the police official,
Chatterjee created the fake website, projected it as a government one and
hosted it on a server based in the US.
"To confuse the users, the URL
had the reflection of a government website and it was listed on priority with
Google. Whenever, any online surfer would search this website would figure in
the top hits. There were sufficient reasons to believe it was a government
website, he said, " Joint Commissioner of Police
(Crime Branch) Ravindra Yadav
said on Sunday.
Details of the server were obtained on
the basis of the fake URL -- www.pmay-gov.in.
Yesterday, in a joint operation by
Delhi and West Bengal Police, Sudipta Chatterjee, the
43-year-old mastermind of the racket, was arrested from Howrah, where the
network had its base.
"The fake website was created
with the aim of cheating people of their money on the pretext of providing them loans for various projects and schemes," Yadav added.
Twenty mobile phones, hard disks,
internet dongles, cheques related to 43 bank
accounts, fake project reports, some incriminating documents along with 16
rubber stamps of government offices were recovered from his possession.
Earlier, the PMO
had asked the Cyber Security Cell of the Department of IT to block all fake
accounts as these had content having "communal overtones" and could
have serious ramifications as these could be mistaken as the official account
of the PMO.
The PMO had
initially asked Twitter to shut down some handles but after it was not done,
the matter was referred to the Cyber Security Cell.
The deadline was given after Twitter
failed to respond to the Ministry of Home Affairs' request to issue show cause
notices on offensive and provocative Twitter handles.
Former Union home secretary RK Singh had then asked the Department of Electronics and
Information Technology (DEIT) to serve the ultimatum
on Twitter as it failed to comply with the government order to block 28 webpages on its site.
ATTACK : France Sees 19,000 Cyberattacks Since Terror Rampage
By JAMEY KEATEN
and SYLVIE CORBET
Associated Press
Jan 15, 2015
Hackers have targeted about 19,000
French websites since a rampage by Islamic extremists left 20 dead last week, a
top French cyberdefense official said Thursday as the
president tried to calm the nation's inflamed religious tensions.
France is on edge since last week's
attacks, which began Jan. 7 at the satirical newspaper Charlie Hebdo. The paper, repeatedly threatened for its caricatures
of the Muslim Prophet Muhammad, buried several of its slain staff members
Thursday even as it reprinted another weekly issue with Muhammad on its cover.
Calling it an unprecedented surge,
Adm. Arnaud Coustilliere, head of cyberdefense
for the French military, said about 19,000 French websites had faced cyberattacks in recent days, some carried out by well-known
Islamic hacker groups.
The attacks, mostly relatively minor
denial-of-service attacks, hit sites as varied as military regiments to pizza
shops but none appeared to have caused serious damage, he said. Military
authorities launched round-the-clock surveillance to protect the government
sites still coming under attack.
"What's new, what's important, is
that this is 19,000 sites that's never been seen before," Coustilliere said. "This is the first time that a
country has been faced with such a large wave."
Among the groups suspected of
launching the attacks, French officials named MECA:
Middle East Cyber Army, Fallaga team and Cyber
Caliphate.
According to Arbor Networks, a private
company that monitors Internet threats, in the past 24 hours alone, France was
the target of 1,070 denial of service attacks. That's
about a quarter as many as the United States, but the U.S. hosts 30 times as
many websites.
Coustilliere called the
attacks a response to the massive demonstrations against terrorism that drew
3.7 million people into the streets Sunday across France. He pointed to
"structured groups" that used tactics like posting symbols of
jihadist groups on companies' Web sites.
Two of the Paris terror attackers
claimed allegiances to al-Qaida in Yemen and a third to the Islamic State
group.
Meanwhile, Belgian authorities were
looking into possible links between a man they arrested in the southern
Charleroi region for illegal trade in weapons and the Paris kosher grocery
attacker, Amedy Coulibaly.
"The man claims that he wanted to
buy a car from the wife of Coulibaly," said
federal prosecutor's spokesman Eric Van der Sypt. "At this moment this is the only link between
what happened in Paris."
The terror attacks in Paris occurred
in an atmosphere of rising anti-Semitism in France and have prompted scattered
retaliatory violence against Muslims and Muslim sites around France. Justice
officials have also been cracking down by arresting dozens of people who
glorified terrorism or made racist or anti-Semitic remarks.
French President Francois Hollande insisted Thursday that any anti-Muslim or
anti-Semitic acts must be "severely punished." He said France's
millions of Muslims should be protected and respected, "just as they
themselves should respect the nation" and its
strictly secular values.
"In the face of terrorism, we are
all united," he said at the Institute of the Arab World in Paris.
The government announced Thursday it
would give citizenship to a Malian immigrant who saved several Jewish shoppers
last week by hiding them in the kosher market's basement before sneaking out to
brief police on Coulibaly, the hostage-taker
upstairs. Interior Minister Bernard Cazeneuve said he
would personally preside over the ceremony for Lassana
Bathily on Tuesday.
Among the victims buried Thursday were
Charlie Hebdo cartoonists Georges Wolinski
and Bernard Verlhac, both laid to rest in Paris'
famed Pere-Lachaise cemetery. Verlhac,
who drew under the name Tignous, was buried in a
plain wood coffin decorated with cartoons by his friends.
Three other victims of the attacks
Charlie Hebdo columnists Bernard Maris and Elsa Cayat, and Franck Brinsolaro, the
policeman bodyguard for slain Charlie Hebdo chief Stephane Charbonnier were also
buried Thursday.
With 120,000 security forces deployed
to prevent future attacks, nerves jumped overnight when a car rammed into a
policewoman guarding the president's palace. Prosecutors and police said,
however, the incident at the Elysee Palace had no
apparent links to last week's shootings.
A car carrying four people took a
one-way street in the wrong direction then drove off when the police officer
tried to stop them. The officer sustained slight leg injuries, police said. Two
people were later arrested and two others in the car fled.
Customers lined up again Thursday to
try to get copies of Charlie Hebdo's first edition
since the attacks. Even though it had a special increased print run of 5
million copies, it sold out before dawn Thursday in Paris kiosks for a second
straight day.
Some Muslims, who believe their faith
forbids depictions of the prophet, reacted with dismay or anger to the new
cover. In Pakistan, lawmakers marched outside parliament Thursday to protest
the publication.
A leader of Yemen's al-Qaida branch
officially claimed responsibility for the attacks at Charlie Hebdo, saying in a video the slayings were in
"vengeance for the prophet." But U.S. and French intelligence
officials lean toward an assessment that the Paris terror attacks were inspired
by al-Qaida but not directly supervised by the group.
Speaking on the papal plane, Pope
Francis expressed his belief that there were limits to freedom of expression,
using Alberto Gasparri, who organizes papal trips and
was standing by his side, as an example.
"If my good friend Dr. Gasparri says a curse word against my mother, he can expect
a punch," Francis said, throwing a pretend punch. "You cannot
provoke. You cannot insult the faith of others. You cannot make fun of the
faith of others."
STOLEN : China stole plans for a new
fighter plane, spy documents have revealed
Chinese
cyber spies have stolen details relating to the Joint Strike Fighter, or F-35
Lightning
By Philip Dorling
January 18, 2015
Chinese spies stole key
design information about Australia's new Joint Strike Fighter, according to top
secret documents disclosed by former US intelligence contractor Edward Snowden.
German magazine Der Spiegel has published new disclosures of signals
intelligence collected by the United States National Security Agency (NSA) and its "Five Eyes" partners, including the
Australian Signals Directorate. The intelligence reveals new details of the
directorate's efforts to track and combat Chinese cyber-espionage.
According to a top secret NSA presentation, Chinese cyber spies have stolen huge
volumes of sensitive military information, including "many terabytes of
data" relating to the
The leaked document shows
that stolen design information included details of the JSF's
radar systems which are used to identify and track targets; detailed engine
schematics; methods for cooling exhaust gases; and "aft deck heating
contour maps".
Although it has been
previously alleged the F-35 has been a target of Chinese cyber-espionage, the
Snowden documents provide the first public confirmation of how much the highly
sensitive data has been compromised.
Military aviation experts
have speculated that the design of China's new "fifth-generation"
fighters - the Chengdu J-20 and the Shenyang J-31 - have been extensively
influenced by design information stolen from the United States, significantly
eroding the air power superiority the US and its allies have long enjoyed.
In April 2014 Prime Minister
Tony Abbott announced that Australia would buy 58 more F-35 fighters at a cost
of more than $12 billion. The extra aircraft will bring Australia's total
planned JSF force to 72 aircraft, with the first of
them to enter service with the Royal Australian Air Force in 2020.
"The fifth-generation
F-35 is the most advanced fighter in production anywhere in the world and will
make a vital contribution to our national security," Mr Abbott said.
In June 2013 US Defense
Department acquisitions chief Frank Kendall told a US Senate hearing that he
was "reasonably confident" classified information related to the
development of the F-35 was now well protected.
It is understood the main data breach took place at the prime contractor
Lockheed Martin in 2007.
The Snowden documents confirm
the Australian Government has been informed of the "serious damage"
caused by Chinese cyber-espionage against the JSF.
The leaked US NSA briefings, which predate
Australia's acquisition of the fighter, are marked as releasable to all members
of Five Eyes, which comprises the US, Britain, Canada, Australia and New
Zealand.
The Snowden documents also
show that Chinese cyber-espionage operations, codenamed "Byzantine
Hades" by the Five Eyes partners, have enjoyed other successes with the US
Defense Department registering over 500 "significant intrusions" in
one year. Damage assessment and network
repair costs amounted to more than $US100 million ($121 million).
Sensitive
military technologies and data stolen included information relating to the B-2
stealth bomber; the F-22 Raptor stealth fighter; nuclear submarine and naval air-defence missile designs; and tens of thousands of military
personnel records.
The total data theft was
estimated to be equivalent to "five Libraries of Congress (50
terabytes)."
However, the documents also
show that the NSA and its Five Eyes partners have
penetrated China's espionage agencies, such as infiltrating the computer of a
high-ranking Chinese military official and accessing information about Chinese
intelligence targets in the US government and other foreign governments.
The Australian government has
repeatedly refused to comment on specific disclosures from the documents leaked
by Mr Snowden. However, federal Attorney-General George Brandis
has called Mr Snowden "an American traitor".
THREAT : Cyber Warfare and Cyber
Weapons, a Real and Growing Threat
By
Daniel Brecht
15
January 2015
http://resources.infosecinstitute.com/cyber-warfare-cyber-weapons-real-growing-threat/
Numerous
malicious attacks on computers and mobile devices as well as networks of
important entities have recently made the news and have brought back to the
surface the debate on cyber warfare and the dangerousness of cyber weapons.
The
increasing dependence on the Internet and the recent spur of attacks are
beginning to create greater concern.
The
fear is not just based on the possibility that a cyber attack could simply
cause the non-availability of information and services we are now accustomed
to. The Internet has not just reshaped the way we obtain news, communicate with
others, take care of our finances, watch TV and listen to music, but it is also
permeating other essential fields of our lives.
From
power smart grids to the Internet of Things, the potential targets of cyber
warriors are now multiple and the possible consequences catastrophic.
Premeditated, politically or socially motivated attacks against a
computer-dependent society could be orchestrated by foreign powers and affect
nations at any level: from the availability of utilities, to denied access to
important financial and medical information, to causing a significant impact on
national GDPs.
This
article will explore the concept of cyber warfare and cyber weapons, plus
recount latest happenings and discuss whether the danger is real.
Cyber
Warfare and Cyber Weapons
The
definition of cyber warfare and cyber weapons is not as clear-cut as it might
seem. Distinguishing these attacks from simple cyber crimes is essential to
define rules of engagements by countries and to establish what should be
considered a direct act of war against the sovereignty and wellbeing of a
state.
According
to the Tallin Manual on the International Law
Applicable to Cyber Warfare a study commissioned by the NATO Cooperative
Cyber Defence Centre of Excellence that is not
considered a legally binging document cyber weapons
are cyber means of warfare designed, used or intended to cause either injury or
death of people or damage to or destruction of objects.
Without
a globally recognized definition, however, it is hard to strictly define and
recognize true acts of cyber warfare, prevent attacks, hold entities
accountable and define legal responses. The inability to agree to basic notions
is a considerable weakness in the international arena and leaves space to much
uncertainty and endless possibilities for nations beginning to employ these
warfare techniques.
Several
definitions have been given by scholars, but, in general, a cyber weapon is
intuitively considered any software, virus, and intrusion device that can
disrupt critical infrastructures of other countries, from military defense
systems to communications to electric power smart grids to financial systems
and air traffic control.
Debates
have been rising on the possibility to consider cyber weapons tools used not
only to directly impair systems but also to spy on nations through cyber
espionage. Again, the lack of a globally-recognized legal definition doesnt
help.
Have
cyber weapons ever been deployed? You may recognize an incident that happened
in 2009, the first known use of a cyber weapon: Stuxnet.
It was a complex piece of malware believed to be an example of government cyber
weapon aimed at severely disrupting the Iranian nuclear program. The paternity
of the attack has been a source of debate, but in the end, it was believed to
be a joint US/Israel operation. Stuxnet targeted a
plant in Natanz, Iran. By turning off valves and
impairing centrifuges, equipment was damaged and the Iranian uranium enrichment
program effectively slowed down.
However,
Stuxnet might have not even been the first cyber war
tool directed toward Iran. Flame, another powerful malware
that masqueraded itself as a routine Microsoft software update, had already
been used to map and monitor Iranian networks and collect critical information.
Is
a Cyber World War a Concern?
A
2013 report by Director of National Intelligence James R. Clapper explained
that the possibility of a major cyber attack to US critical infrastructures
causing a long-term and widespread disruption of services by major players like
Russia and China is remote. However, smaller scale attacks by smaller states or
non-state entities seem to be a concern. According to the report, less
advanced but highly motivated actors could access some poorly protected US
networks that control core functions, such as power generation, during the next
two years, although their ability to leverage that access to cause high-impact,
systemic disruptions will probably be limited. At the same time, there is a
risk that unsophisticated attacks would have significant outcomes due to
unexpected system configurations and mistakes, or that vulnerability at one
node might spill over and contaminate other parts of a networked system.
This
may not come as a surprise to anyone, but any telecommunications infrastructure
attack could cause enough harm to generate fear. Every government or
corporation entire infrastructure, let alone the public at large, may be at
stake.
Can
digital attacks really have tangible effects? Absolutely.
An oil pipeline in Turkey was cyber attacked and exploded in 2008. The pipeline
was super-pressurized and alarms were shut off. By hacking security cameras,
attackers (allegedly Russian) were able to hide the blast from the control room
that, unaware, was unable to respond promptly. Another attack to a German steel
company demonstrated how, by simply infiltrating the information systems
running the plant, hackers could cause major damage.
Although
not a single Internet successful attack has been recognized as directed by a
foreign terror organization against the United States homeland, there have been
instances of intrusions intended to inflict significant harm on the American
government or state agency, as well as US businesses. Last November, there was
an intrusion into the networks of the Department of the State that led to the
unclassified email system shutdown. Carol Morello,
the diplomatic correspondent for The Washington Post who covered the affair,
noted the activity was related to hacking of White House computers reported a
month prior, and to security breaches that occurred at both the U.S. Postal
Service and the National Weather Service. Those incidents pointed to Russian
hackers as prime suspects; the perpetrators were believed to be working
directly for the Russian government. Sony Pictures Entertainment (SPE) is another recent case; its networks were infected in
a November 2014 incident. According to the FBI, the occurrence resembled past
cyber efforts by North Korea.
What
makes a cyber warfare attack appealing? Mainly the fact that
it can come at little or no cost for the perpetrator. An attacker with
great technical capabilities can create disruption by using a single computer
wherever he or she is located. While the use of conventional weapons requires
expensive manufacturing and physical travel to target locations, cyber attacks
can be conducted from anywhere. Traditional weapons have a cost that might be
prohibitive for many and are hard to transport (or deliver) in secrecy. In
other cases, attacks might require the sacrifice of the offenders. Cyber
attacks are quick, can be equally destructive and can definitely be inexpensive
to execute.
According
to Amy Chang, research associate at the Center for a New American Security,
Cyber warfare is a great alternative to conventional weapons. [
] It is
cheaper for and far more accessible to these small nation-states. It allows
these countries to pull off attacks without as much risk of getting caught and
without the repercussions when they are.
Accountability
is hard to prove when cyber weapons are used. By using several proxies or
infecting computers indirectly, it is difficult to trace back to a particular
malicious hacker or organization on any form of attacks. And even if a culprit
is found, it is hard to accuse a nation of a deliberate act of war, especially
due to lack of a legal framework.
The
problem today is that we live in a high-tech world of uncertainty where people
are not well trained and equipped for these new threats that can disrupt
communications, and network traffic to and from websites and can potentially
paralyze Internet service providers (ISPs) at the international level across
national borders. So, in the face of constant security threats, there is a need
for all to fully understand how to handle cyber
security issues and cyber war and how to mitigate risks and minimize the
damage, as best as possible if the circumstances arise.
Cyberspace
and its Security
What
can be done and who should act in defense of a nations cyberspace? The answer
may be complicated. Defending cyberspace is not an easy feat, considering the
number of interconnected computers, mobile devices and networks. The majority
of the systems, including those regulating nations critical infrastructures,
are interconnected and then vulnerable not only to direct attacks but also to
infection by transmission. Ironically, the numerous technological advances
might also pose a risk, as cyber terrorists seem to be always a step forward in
identifying security vulnerabilities before security experts can patch them.
Lack of recognized rules in cyberspace and difficulty to implement boundaries
complete the picture.
Lacking
a real global response to cyber warfare, many countries and organizations are
creating structures and task forces to prepare against cyber threats. According
to intelligence studies, more than 140 countries have funded cyber weapon
development programs. The U.S. is particularly active and created the USCYBERCOM that plans, coordinates, integrates,
synchronizes, and conducts activities to: direct the operations and defense of
specified Department of Defense information networks and; prepare to, and when
directed, conduct full-spectrum military cyberspace operations in order to enable
actions in all domains, ensure US/Allied freedom of action in cyberspace and
deny the same to our adversaries.
In
2012, the U.S. Defense Advanced Research Projects Agency (DARPA)
invested $110 million in Plan X, a Cyberspace is now recognized as a critical
domain of operations by the U.S. military and its protection is a national
security issue. Plan X is a foundational cyberwarfare
program to develop platforms for the Department of Defense to plan for,
conduct, and assess cyber warfare in a manner similar to kinetic warfare. The
program was included in DARPAs reported $1.54
billion cyber budget for 2013-2017.
Recently,
the U.S. Naval Academy also received $120M to build a classified cyber warfare
center in 2016. The center will allow midshipmen to work on classified system
and acquire cyber warfare skills.
Organizations
like the European Advanced Cyber Defence Centre (ACDC), the NATO Computer Incident Response Capability (NCIRC) and the Internet Engineering Task Force (IETF), amongst many others, are working on fighting back
against organized, international cyber criminals that have used cyberspace as a
warfighting domain.
However,
this may not be enough to avoid terrorism-based cyberwar
attacks, so everyone ought to prepare proactively and effectively by securing
systems as much as possible. In an Internet-connected world, every end user is
at risk, either directly or indirectly. The Internet provides many different
ways to attack. Internet-connected systems must be secured on a global scale.
With
cyberspace being so vast, flexible, and unregulated, all its users are highly
vulnerable to dangers from outside threats. Recent cyber attacks highlight the
potential threat posed by information warfare tactics and techniques that use
computer connectivity and exploit vulnerabilities sometimes caused by users
inattentiveness or lack of basic cyber security practices.
Proper
use of intrusion-detection and intrusion-prevention systems (IDS/IPS) and firewalls (a networks first line of defense
against threats) is a basic response. Through real-time analysis of network
traffici.e., to investigate and contain these security threatspeople can
detect the majority of the less sophisticated hacking attacks at a user level.
Larger
companies must be more aware than ever about their network security
vulnerabilities and secure their properties with proper Advanced Threat
Protection Platforms for endpoint protection and server security.
In
the case of government-orchestrated cyber attacks, one of the main lines of
defense is the creation of a common front against attackers. There is no better
time than now to open collaboration and dialogue amongst various industries and
government agencies to take action. Attacks against larger, interconnected
systems might be more easily disclosed by comparing data and creating common
task forces. Detection and prevention alone may not be enough to stop the
attackers, each time, but at least it may inhibit future, similar threats.
The
Internet might be becoming a new weapon for terrorists, so overcoming cyber
vulnerability requires multiple different organizations to come forward and
stop the launch of cyber threats that can manipulate the physical world while
operating without international boundaries.
Conclusion
Some
of the numerous larger-scale cyber attacks can be intuitively considered acts
of cyber war. With many countries large and small investing in cyber warfare,
it is impossible not to think of the use of information warfare as a new form
of terrorism. Information warfare goes beyond simply attacking computers and
communications networks, as a computer-literate terrorist can wreak havoc
causing physical destruction and harm to populations. The Internet can be
turned into a weapon used against targets by terrorists hidden in cyberspace to
carry out cyber violence and disruption, while being physically located
elsewhere. Computer-related crimes, as an extension of terrorist attacks, have
the potential of bringing catastrophic side effects.
Cyberspace
is increasingly becoming a place of risk and danger, vulnerable to hacks and
cyber warfare. With todays civilization dependent on interconnected cyber
systems to virtually operate many of the critical systems that make our daily
lives easier, it is obvious that cyber warfare can be the choice for many
governments and states, especially those that dont have access to expensive,
conventional weapons of mass destruction.
So,
how do we counteract such attacks? If cyber warfare is considered war, then
anti-terrorism defenses must be deployed. First, though, a legal basis for
responses to attacks must be defined. A legal definition of cyber war and cyber
weapon, a definition agreed upon globally, is necessary to define the
perimeters within which nations can operate in cyberspace. It is important to
define what to consider cyber espionage, cyber war or an act of simple hacking.
Lacking
a clear definition and a global cyber etiquette,
nations are left with creating their own defense against cyber weapons and
cyber espionage. Exploring real-world examples, continuously monitoring the
Information Superhighway, and endorsing cyber security awareness, web security
and online safety are the tools currently available for an effective
international governance of the Internet.
Although
the United States has not been subjective to real, destructive cyber terrorism
as of today, in terms of hostile action or threat, it has identified a number
of ways terrorists can use the computer as a tool for hacking or information
warfare. As the job of a cyberterrorist has become
more difficult to detect, in time, information control may also be critical for
successful counter-terrorism and avoidance of infrastructure warfare.
Therefore, it is paramount to investigate some common
defense mechanisms that can help pinpoint and capture these threats before they
affect massive numbers of people and impair activities in a much more pervasive
way.
Domain Suffix
A domain suffix is the last part of a domain name and is
often referred to as a "top-level domain" or TLD.
Popular domain suffixes include ".com," ".net," and
".org," but there are dozens of domain suffixes approved by ICANN.
Each domain suffix is intended to define the type of
website represented by the domain name. For example, ".com" domains
are meant for commercial websites, whereas ".org" domains are to be
used by organizations. However, since any entity can register domain names with
these suffixes, the domain suffix does not always represent the type of website
that uses the domain name. For example, many individuals and organizations
register ".com" domain names for non-commercial purposes, since the
".com" domain is the most recognized.
Each country also has a unique domain suffix that is meant
to be used for websites within the country. For example, Brazilian websites may
use the ".br" domain suffix, Chinese
websites may use the ".cn" suffix, and
Australian websites may use the ".au" suffix. These country-based TLDs, sometimes referred to as "country codes,"
are also used to specify different versions of an international website. For
example, the German home page for Google is "www.google.de" instead
of "www.google.com."
The means of defense against
foreign danger historically have become the instruments of tyranny at home.
James Madison
Note -