In this CSC Cyber Security Report: July 2018, we look at how the domain name system is a frequent target for cyber criminals, with distributed denial of service attacks being a common threat used to disrupt businesses in major industries and around the world. Email was identified as the biggest threat vector for attackers looking to compromise organizations[1], and has resulted in businesses around the globe losing over $5.3 billion through email scams[2].
The statistics are staggering, but the message is clear: every organization is at risk, including the social media platform LinkedIn®, which saw its access shut down due to a secure sockets layer certificate expiration, and even the Winter Olympics Games, fell victim to a web attack that blocked customers from accessing their ticket information for 12 hours during the Games.
We also analyzed the main domains of 100 large, global, public companies to see how they fare in terms of domain security. Our findings reveal there is more they can do to improve security in light of the changes the General Data Protection Regulation demands, as well as the Google® ChromeTM browser’s distrust of all non-HTTPS websites. We also share some best practices companies can adopt.
View a complimentary copy of the report here
[1] https://www.infosecurity-magazine.com/news/fsecure-email-still-the-weakest/
[2] https://securityledger.com/2017/05/fbi-business-email-compromise-is-a-5-billion-industry/