Most Large Enterprises Fail to Protect Their Domain Names

Published: 23/11/2024   Category: security




Of the largest 2,000 companies in the world, 81% fail to take simple security measures, such as locking their domain with the registrar, leaving them open to domain shenanigans.



Bad actors have accelerated their purchase of domains that look similar to the brands of the largest 2,000 companies in the world, with 60% of such domains registered to risky third parties, not the companies themselves.
A new study published this week by domain-name management firm Corporation Service Company (CSC) analyzed the domain records of companies in the Forbes Global 2000 and used a fuzzy-matching algorithm to detect domains that were similar to those companies’ domain names — so-called homoglyphs. CSC found that 70% of similar domains had been registered by third parties, with more than half of homoglyphs (60%) registered in the past two years.
Despite the existence of what are likely bad actors, however, 81% of large enterprises do not take basic domain security precautions, such as using the registry lock protocol, says Vincent D’Angelo, global director at CSC Digital Brand Services.
“There are all these proactive controls that companies could put in place to prevent hijacking,” he says. “While there is no single magic bullet, the use of several of these controls make [their domains] that much harder to compromise.”
Domain hijacking is not uncommon, and when attackers gain access to a domain, they can cause significant damage to both the brand and to users’ systems.
Perl Domain Stolen
On Jan. 27, for example, Perl.com, a site dedicated to articles about the Perl programming language, had its domain stolen by bad actors. The original surreptitious transfer happened in September 2020, and may have resulted from stolen credentials. In January, the cybercriminals behind the theft listed the domain for sale for $190,000 on the AfterNIC marketplace before the auction was pulled down. Within a week, Perl.com had returned to the original owner, but other domains were stolen at the same time.
The CSC report found that typical uses of domains that are similar to known brands — often called typosquatting — include taking advantage of accidental visitors by hosting advertising and pay-per-click Web content. While more than half (56%) pointed to such profit-seeking schemes, and another 38% led to inactive websites, only 6% led to outright malicious content and malware.
“From the analysis of these domains owned by third parties, many have a high propensity to be used as malicious domains for cyber attacks,” CSC stated in the report. “The registrants typically hide behind privacy services or redacted WHOIS to mask their identities, register domains that look confusingly similar to known brands, and use tactics to look legitimate to entice an end user to click on a link, or trust a site that is infringing on a brand.”
Risky domain registrations include those domains that appear similar to the original corporate domains — a so-called homoglyph — and are registered by a third party with a consumer-grade registrar, according to CSC. While the company did not disclose the number of fuzzy-matched domains, the vast majority use privacy services to hide the owner of the domain, and 43% have their MX records configured, allowing them to send and receive email.
The large enterprises lag behind in security measures, according to CSC’s report. Only 19% had the registry lock enabled on their domain, which protects the domain from being easily transferred. In addition, only 17% of companies had redundant DNS services to protect against denial-of-service attacks.
While 84% of companies had their Sender Policy Framework (SPF) records set, only 11% also had their DomainKeys Identified Mail (DKIM) configured, and only 50% had DMARC set up.
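The controls measured above can be checked from a domain's WHOIS status codes and DNS records. The following is an added example, not part of the CSC report; the sample data is constructed, and it assumes that registry lock appears as the three server-side EPP status codes and that a DNS provider can be identified by the last two labels of a nameserver hostname.

```python
# Constructed sample: what WHOIS and DNS lookups might return for a
# placeholder domain (not real measurements).
SAMPLE = {
    "epp_status": ["clientTransferProhibited"],
    "ns": ["ns1.dns-a.example", "ns2.dns-a.example"],
    "txt": ["v=spf1 include:_spf.mail.example ~all"],
    "dmarc_txt": ["v=DMARC1; p=none; rua=mailto:dmarc@example.com"],
}

# Assumption: registry lock is visible as these registry-set EPP statuses.
REGISTRY_LOCK = {"serverTransferProhibited", "serverUpdateProhibited",
                 "serverDeleteProhibited"}


def parse_tags(record):
    """Split a DMARC-style 'k=v; k=v' record into a dict."""
    pairs = (part.split("=", 1) for part in record.split(";") if "=" in part)
    return {k.strip().lower(): v.strip() for k, v in pairs}


def audit(rec):
    """Return a list of findings for one domain's registration and DNS data."""
    findings = []
    # client* statuses are the weaker registrar-level lock; only the
    # server* statuses indicate a lock held at the registry.
    missing = REGISTRY_LOCK - set(rec["epp_status"])
    if missing:
        findings.append("no registry lock (missing %s)" % ", ".join(sorted(missing)))
    # Redundant DNS: nameservers should sit under more than one provider.
    providers = {".".join(ns.rstrip(".").lower().split(".")[-2:]) for ns in rec["ns"]}
    if len(providers) < 2:
        findings.append("single DNS provider")
    spf = [t for t in rec["txt"] if t.lower().startswith("v=spf1")]
    if len(spf) != 1:
        findings.append("SPF missing or duplicated")
    elif spf[0].split()[-1].lower() in ("+all", "all", "?all"):
        findings.append("SPF does not restrict senders")
    dmarc = [t for t in rec["dmarc_txt"] if t.startswith("v=DMARC1")]
    if not dmarc:
        findings.append("DMARC missing")
    elif parse_tags(dmarc[0]).get("p", "none").lower() == "none":
        findings.append("DMARC policy is p=none (monitor only)")
    # DKIM is not checked: its key lives at <selector>._domainkey.<domain>
    # and the selector cannot be discovered from DNS alone.
    return findings
```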
Overall, companies in only two of 27 industries — media and information technology — had a risk-mitigation effectiveness of moderate, according to CSC. The vast majority were moderately poor, while two others ranked poor.
Companies will not be able to just reserve domain names similar to their domain. With the expansion in top-level domains and attackers accelerating attempts to reserve homoglyphs, such an approach would be too expensive to work, says CSC’s D’Angelo.
“It makes sense to own domain names that are high-value targets. Especially if you are a multinational operating in a particular country, you should own your brand in that country,” he says. “But with the growth in the number of third-party registrations, it becomes virtually impossible to have a defensive domain portfolio.”
Instead, companies should monitor registrations to be aware if their brand is being attacked, and harden their domain registration services, he says.
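One way to do the registration monitoring described above, as an added example that is not CSC's matching algorithm: it folds look-alike characters, applies an edit-distance threshold, and lists mail-capable look-alikes first, since the report singles out domains with MX records. The brand, the observed-domain feed and the confusable map are constructed for illustration.

```python
# Hand-picked look-alike substitutions (an illustrative subset, not the
# full Unicode confusables table). The last four keys are Cyrillic letters.
CONFUSABLE = {"0": "o", "1": "l", "3": "e", "5": "s", "rn": "m", "vv": "w",
              "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p"}

# Constructed feed of (newly observed domain, has MX record).
OBSERVED = [("examp1e.com", True), ("exarnple.net", False),
            ("exampl.com", True), ("ex\u0430mple.org", False),
            ("unrelated.com", True), ("example.com", True)]


def skeleton(label):
    """Fold look-alike characters so visually similar labels compare equal."""
    label = label.lower()
    for src, dst in CONFUSABLE.items():
        label = label.replace(src, dst)
    return label


def edit_distance(a, b):
    """Levenshtein distance computed with a rolling row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def triage(brand, observed, max_distance=1):
    """Return (domain, reason, has_mx) for look-alikes, mail-capable first."""
    target = skeleton(brand.split(".")[0])
    hits = []
    for domain, has_mx in observed:
        label = domain.lower().split(".")[0]
        if domain.lower() == brand:
            continue  # the brand's own domain
        if label == brand.split(".")[0]:
            hits.append((domain, "same label, other TLD", has_mx))
        elif skeleton(label) == target:
            hits.append((domain, "homoglyph", has_mx))
        elif edit_distance(skeleton(label), target) <= max_distance:
            hits.append((domain, "typo", has_mx))
    return sorted(hits, key=lambda h: (not h[2], h[0]))
```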
