Page 29 - Risk Management Bulletin April -June 2021
Domains Are a Critical Component of Your Enterprise Risk Management

A recent report, "Domain Security: A Critical Component of Enterprise Risk Management", published by the Interisle Consulting Group, highlights why domain security should be a critical component of enterprise risk management, a proposal that resonates closely with what we at CSC advocate.

The report describes the current threat landscape, characterized by cyberattacks that use domain names as a resource for spammers or cybercriminals to conduct phishing, fraud, malware, ransomware, distributed denial of service (DDoS) attacks, and data breaches. They either register confusingly similar domains to existing brands or exploit legitimate domains by compromising web servers or domain registration accounts to seize control of the domains and the domain name system (DNS), then manipulate them for malicious purposes.

Every minute a website is unable to process transactions - or the days an organization is unable to operate while its systems are held to ransom - equates to costly revenue loss and reputation damage that organizations cannot afford. As a result, there have been increasing cyber insurance claims and a need for companies to have higher levels of risk assessment and compliance. Yet cyber threats continue to occur at increasing frequency, even among large enterprises and governments.

"Because incidents and responses attract public attention, there is an overemphasis on attack response and underemphasis on pro-active, preventative measures to detect, identify, and mitigate threats before an attack can occur."

At CSC, we have isolated the common phishing tactics that we see cybercriminals and fraudsters using by taking advantage of already established brand trust:

Common Tactics | Outcome
Domain spoofing and look-alike domains | Rogue domains and connected web services look authentic
Spoofing email headers | Email messages appear to be coming from someone else
Email account takeover (ATO) | Legitimate email addresses are weaponized via email account breaches
Domain account takeover (ATO) | Legitimate domains and connected web services are weaponized via domain registrar and DNS/cloud account breaches
Website, app and social media profile spoofing | Fraudulent web content is used as bait

The report from Interisle Consulting Group further quotes from CSC's 2020 Domain Security Report that only 47% of the Forbes Global 2000 use enterprise-class registrars, and, more dismally, their own research reveals that only 10% of FDIC-insured U.S. banks use enterprise-class registrars. This means the overwhelming majority are taking a huge risk by using consumer-grade registrars that are characterized by volume sales and commodity pricing with "little margin for them to implement costly security measures. Multi-factor authentication is not widely deployed, and registrar assistance with email authentication and integrity or [DNS security extensions] DNSSEC is rare." Some of these consumer-grade registrars even display indicators of criminality, offering bulk registration services and name generation tools, and have persistently high concentrations of spam domains under management.

"The threat landscape for domain names and their owners is no different from the landscapes for other assets that enterprises fold into enterprise risk management."

Interisle recommends incorporating domain security into enterprise risk management and for organizations to use enterprise-class registrars that understand "the needs of customers who place a high value on their domain names, consider their domain names and online presence to be business-critical, or recognize that their business or brands may be highly-targeted for abuse or criminal activities." (Courtesy CSC)
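As an added illustration (not from the Interisle report or CSC), the following defender-side check screens a feed of observed domains for the look-alike and domain-spoofing tactics listed above and sorts each hit into a category; the brand domain, the substitution table and the sample feed are constructed for the example.

```python
import unicodedata
from difflib import SequenceMatcher
from typing import Dict, Iterable, Optional, Tuple

# Constructed example brand; replace with the organisation's own domains.
BRAND_DOMAINS = ["examplebank.com"]
# Illustrative subset of substitutions seen in look-alike registrations.
HOMOGLYPHS = {"0": "o", "1": "l", "3": "e", "5": "s", "vv": "w", "rn": "m"}

def normalize(label: str) -> str:
    """Fold accented letters to ASCII and undo common substitutions."""
    s = unicodedata.normalize("NFKD", label).encode("ascii", "ignore").decode().lower()
    for fake, real in HOMOGLYPHS.items():
        s = s.replace(fake, real)
    return s

def registrable_label(domain: str) -> Tuple[str, str]:
    """Naive split of 'sub.brand.tld' into ('brand', 'tld')."""
    parts = domain.lower().strip().rstrip(".").split(".")
    return (parts[-2], parts[-1]) if len(parts) > 1 else (parts[0], "")

def classify(candidate: str, brand: str) -> Optional[str]:
    """Return the look-alike category of candidate vs brand, or None if benign."""
    b_label, b_tld = registrable_label(brand)
    c_label, c_tld = registrable_label(candidate)
    if (c_label, c_tld) == (b_label, b_tld):
        return None                  # the brand itself or one of its subdomains
    if c_label == b_label:
        return "brand-in-other-tld"  # examplebank.net
    if normalize(c_label) == b_label:
        return "homoglyph"           # examp1ebank.com
    if b_label in c_label:
        return "brand-embedded"      # examplebank-secure.com
    if SequenceMatcher(None, normalize(c_label), b_label).ratio() >= 0.85:
        return "near-miss"           # exampelbank.com (typo / transposition)
    return None

def flag_lookalikes(candidates: Iterable[str], brands=BRAND_DOMAINS) -> Dict[str, str]:
    """Map each suspicious candidate domain to its category."""
    hits: Dict[str, str] = {}
    for cand in candidates:
        for brand in brands:
            kind = classify(cand, brand)
            if kind:
                hits[cand] = kind
    return hits

# Constructed feed standing in for newly registered or newly observed domains.
SAMPLE_FEED = ["login.examplebank.com", "examp1ebank.com", "examplebank.net",
               "examplebank-secure.com", "exampelbank.com", "unrelatedshop.org"]
```

Subdomains of the brand itself are deliberately not flagged; in practice the feed would come from newly registered domain lists or certificate transparency logs and the hits would be reviewed before any takedown request.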
"Do not click on any unknown link via SMS and email for making a digital payment."