Domain Security: An Underused Cybersecurity Strategy and First Line of Defense in Your Zero Trust Model

Domain Security: An Underused Cybersecurity Strategy and First Line of Defense in Your Zero Trust Model

Domain security is a critical component to help mitigate cyberattacks in the early stages—your first line of defense in your organization’s Zero Trust model. According to the Cybersecurity and Infrastructure Security Agency (CISA), most cyberattacks—including ransomware and business email compromise (BEC)—begin with phishing. Although losses due to ransomware now exceed billions annually, most ransomware protection and response measures don’t adequately address phishing risks in the early stages of an attack because they don’t include domain security measures to protect against the most common phishing attacks.

Bad actors are using company domain names for malicious attacks more than ever before. Research shows that phishing and related malware attacks most commonly occur from a compromised or hijacked legitimate domain name, a maliciously registered and confusingly similar domain name, or via email spoofing.

CSC’s research shows more than 7 out of 10 domain names on the internet that contain brand names are fake

The epicenter for fraud, consumer safety peril, and misinformation are infringing domains that include brand names. Over the past three years, CSC has reviewed data sets and has published research findings on domain names that use top brand names in their URL, or confusingly similar domain names (homoglyphs), that are owned by third parties.

In each research report, CSC identified the percentage of domains owned by third parties, or in other words, not the brands themselves. Often the intent of these suspicious or malicious domain registrations is to leverage the trust consumers have for the targeted brand to launch phishing attacks, other forms of digital brand abuse, or IP infringement that leads to revenue loss, traffic diversion, and a diminished brand reputation. There are endless domain spoofing tactics and permutations that can be used by phishers and malicious third parties.

CSC research of top brands has found that 70% or more domains registered with a brand name in the domain, including confusingly similar domain names, are registered with a third party who is not the brand owner.

CSC research reveals brand-specific domain names that are third-party owned are fake

  CSC’s domain security research% domains owned by third parties% third-party domains configured with MX records
U.S. Election-Related Web Properties Prone to Fraud and Misinformation Due to Lack of Domain Security  97%  69%
Holiday Shoppers Beware: Tips for Global Brand Owners and Consumers to Safeguard Against Domain Security Threats    70%  48%
CSC’s 2021 Domain Security Report    70%  57%
Two-Year Analysis: The Impact of COVID-19 on Internet Security and Safety  80%  33%

Between one- and two-thirds of these domains are configured with MX records, which can enable criminals to launch email phishing campaigns.

Domain security intelligence is power

Domain security intelligence is the first line of defense in preventing a variety of cyberattacks. The more information extracted and shared with key decision makers means less opportunity for cybercriminals to compromise a brand’s domains. In this digital economy, where hackers can breach networks to harvest credentials through basic phishing schemes, it’s essential to secure the domains that run websites, email, applications, and more.

CSC’s newly launched DomainSec platform is the first of its kind to deliver a holistic approach for securing and defending brands’ domain portfolio ecosystems. It uses proprietary technology combined with machine learning, artificial intelligence, and clustering technology to generate invaluable security insights to help thwart brand abuse and cybersecurity incidents.

Introducing CSC’s 3D domain name monitoring solution

CSC’s 3D Domain Monitoring and Enforcement service provide a multi-dimensional view of various threat vectors outside the firewall targeting specific domains. With corporations operating multiple brands, with hundreds or even thousands of domains within their portfolio, rapid detection and de-activation of confusingly similar domains imitating brands are crucial. The 3D product is powered by one of the largest data lakes associated with domain name-centric data, equipped with a correlation engine, machine learning, and clustering technology.

CSC’s 3D Domain Monitoring interrogates generic top-level domain (gTLD) and country-code top-level domain (ccTLD) zones files to identify all newly registered, re-registered, and dropped domain names—then augments that information with domain threat intelligence data to identify any suspicious domain names that could pose a potential risk to a company. This results in accurately identifying threat vectors, such as phishing and brand attacks. Based on those findings, CSC takes the appropriate enforcement to mitigate the problem.

To learn more, visit 3D Domain Monitoring at cscdbs.com.