Industry executives and experts share their predictions for 2022. Read them in this 14th annual VMblog.com series exclusive.
Increased Focus on Preventative Security Measures across Forbes Global 2000 Companies including Retail and Insurance Providers
By Ihab Shraim, Chief Technology Officer, CSC DBS
With cybercrime on the rise, companies and
government agencies in 2021 experienced increased threat vectors targeting
corporate and government online domain name portfolios, including ransomware (malware), phishing, online brand
abuse, trademark infringements, business email compromise (BEC) and supply
chain attacks. Looking forward to 2022, with domain cyber threats rising, we
see companies and government agencies exposed to much higher risks in
the coming year.
Improving the cybersecurity posture of their online domain name portfolio
needs to be a greater focus for companies going into the New
Year. Unprotected domain names pose a significant threat to their
overall online cybersecurity posture, leading to potential data exfiltration, intellectual
property theft, supply chain issues, revenue leakage and/or loss, and
reputation damage.
The Retail Industry Ups Its Domain Security Game: CSC's
annual assessment of verticals' domain security practices showed the retail
industry was lagging other verticals when it comes to implementing domain name
security measures. However, this holiday season will be a forcing
mechanism for the retail industry, which is faced with massive supply chain
issues leaving their customers searching and guessing where they can find their
next gifts. Unconsciously searching on domains that seem associated with the
retail brand they love but are actually owned by nefarious third parties will
put more consumers at risk, and retailers will respond in the New Year by
implementing measures such as utilizing certificate authority authorization
(CAA) records. This measure allows a retail brand to designate a specific
certificate authority (CA) to be the sole issuer of certificates for the
company's domains.
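
How a CA would evaluate such a CAA record set, as an added example that is not from the article or from CSC. It follows the RFC 8659 rules in simplified form (no CNAME handling, no critical-flag processing); the zone data, CA names and function names are constructed for illustration.

```python
# Constructed sample data: (flags, tag, value) CAA records for hypothetical names.
ZONE = {
    "shop.example": [
        (0, "issue", "ca-one.example"),      # only this CA may issue
        (0, "issuewild", ";"),               # nobody may issue wildcard certificates
        (0, "iodef", "mailto:security@shop.example"),
    ],
    "legacy.example": [],                    # no CAA published at all
}

def relevant_caa(name, zone):
    """Climb from the name toward the root; the first non-empty CAA set applies."""
    labels = name.split(".")
    for i in range(len(labels)):
        records = zone.get(".".join(labels[i:]), [])
        if records:
            return records
    return []

def may_issue(ca_domain, name, zone):
    """True if CAA permits ca_domain to issue a certificate for name."""
    wildcard = name.startswith("*.")
    records = relevant_caa(name[2:] if wildcard else name, zone)
    issue = [v for _, tag, v in records if tag == "issue"]
    issuewild = [v for _, tag, v in records if tag == "issuewild"]
    # issuewild, when present, replaces issue for wildcard requests only
    applicable = issuewild if (wildcard and issuewild) else issue
    if not applicable:
        return True                          # nothing restricts issuance
    # Parameters after ';' are ignored; an empty issuer name matches no CA
    issuers = {v.split(";")[0].strip().lower() for v in applicable}
    return ca_domain.lower() in issuers

if __name__ == "__main__":
    for ca, name in [("ca-one.example", "www.shop.example"),
                     ("ca-two.example", "www.shop.example"),
                     ("ca-one.example", "*.shop.example"),
                     ("ca-two.example", "legacy.example")]:
        print(f"{ca:16} -> {name:18} allowed={may_issue(ca, name, ZONE)}")
```

The last case shows the exposure the paragraph describes: a domain with no CAA record set places no restriction on which CA may issue for it.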
Phishing Attacks Will Increase in Frequency: Companies will continue to fall victim to
cyberattacks, with the most dangerous types being phishing attacks that lead to
ransomware (malware) attacks or impersonation fraud that leads to PII theft. Phishing
campaigns launched by bad actors are timed around
seasonal holidays and world events (e.g. COVID). In 2022, we will see these
types of attacks mostly delivered via targeted email campaigns, which adversaries
use as an enabler for the next big attack. Adversaries are creating nefarious domains
that use legitimate brands consumers
otherwise think are safe, adding them to different platforms such as the
various types of social media, search engines, copycat websites, and fake
online stores to give consumers a false sense of security. We will see more
companies leveraging best practices for
security protocols, and implementing preventative measures (e.g. registry locks
to prevent domain hijacking, phishing partnerships, etc.) to protect themselves
in this digital-first global economy.
See RSA Conference 2021 presentation on "Critical DNS & Domain Name Security Intelligence to
Thwart Cyberattacks": https://www.youtube.com/watch?v=dzTAYOG1nVc
Brand Infringement and Abuse: We are seeing a continued spike in
third-party domain registrations since early 2020. In comparison to previous years,
we are also seeing attacks being started earlier (i.e. registrations lying
dormant for longer) before fraud takes place. Looking at our trending Q4 2021
enforcements, this tends to be coming from retail registrars. Looking to other
trends, CSC is also seeing increased attention by social media platforms on
developing greater tools for enforcement on their networks. Facebook, now Meta,
has recently greatly advanced its tools and we expect to see others follow
suit. Finally, 2022 may be the year where marketplaces are held to account for
online counterfeiting in ways we have not seen before. We have seen a number of
countries announce legislation targeting these issues; in fact, the UK and U.S.
are in the final stages of passing laws. The key will be how these are
implemented and if they fragment and decentralize their policies on a local
level.
Security Posture and Threat Intelligence: CISOs have a huge responsibility for detecting,
analyzing and mitigating threat vectors targeting their corporations and/or government
agencies. They need full visibility of external threats targeting their exposed
online surfaces (domain name portfolios, DNS, websites, etc.) and of internal
threats (shadow IT, rogue employees, etc.). Therefore, we predict that this
topic is going to gain much more focus in 2022 as corporations and government
agencies put a deeper focus on connecting the dots between these various
threat vectors. Moreover, connecting the dots means analyzing and correlating
these security events via machine learning (ML) and artificial intelligence
(AI) technologies. Lastly, it is crucial for corporations and government
agencies to either do it themselves or pick partners who are specialized in detecting,
analyzing, mitigating and applying global enforcements in order to address the
various external threat vectors targeting them.
Emergence of Internal Domain Security Focus: Domain security will grow in importance in
terms of protecting companies from a wide array of cyberattack vectors,
including phishing. Due to increasing interest in securing domains, more
organizations will be developing domain security councils and teams, which will
be part of InfoSec, marketing and legal teams. This responsibility will be
embedded in the DNA of the security posture.
In the past, brand protection bad actors were focused on three
different types of attacks, namely brand abuse, brand infringement and brand
revenue leakage. There is significant evidence the deployment methods of brand
threats are now resembling fraud threat vectors (e.g. phishing). Therefore, the
InfoSec teams will be more focused on securing the domain name portfolio to
protect against these two threat vectors.
Increased Focus on Domain-Based Message Authentication, Reporting, and Conformance (DMARC): We've
seen a focus on DMARC in the U.S. as a way to protect organizations. However,
moving forward in 2022, we will see this become of greater importance
internationally as well. The recent CSC
Domain Security research showed that only 50% of Forbes 2000 Global
companies surveyed were using DMARC. In looking at a company's security
posture, we can see that they have DMARC, but what we can't see is if it is put
into working order. DMARC is an email validation system designed to protect a
company's email domain from being used for email spoofing, phishing scams, and
other cybercrime. It's very easy to spoof email and make it look like it's
being sent from a legitimate source when it really isn't. Authenticating the
email channel with DMARC minimizes the incidence of email spoofing and
potential phishing.
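
The gap between having a DMARC record and enforcing one, as an added example that is not from the article or from CSC. One signal visible in the published record is the policy itself: the sketch below parses constructed `_dmarc` TXT records per RFC 7489 and labels each domain; the domain names, labels and function names are hypothetical.

```python
# Constructed TXT records as they might be returned for _dmarc.<domain>.
SAMPLES = {
    "brand-a.example": ["v=DMARC1; p=none; rua=mailto:dmarc@brand-a.example"],
    "brand-b.example": ["v=DMARC1; p=quarantine; pct=25"],
    "brand-c.example": ["v=spf1 -all", "v=DMARC1; p=reject; rua=mailto:dmarc@brand-c.example"],
    "brand-d.example": ["v=DMARC1; p=reject; sp=none"],
    "brand-e.example": [],
}

def parse_dmarc(txt):
    """Return the tag/value pairs of a DMARC record, or None if it is not one."""
    pairs = [p.strip() for p in txt.split(";") if p.strip()]
    # The version tag must come first and must be exactly DMARC1
    if not pairs or pairs[0].replace(" ", "") != "v=DMARC1":
        return None
    tags = {}
    for pair in pairs:
        key, sep, value = pair.partition("=")
        if sep:                               # malformed pairs are ignored
            tags[key.strip().lower()] = value.strip()
    return tags

def dmarc_posture(txt_records):
    """Classify a domain by what its published DMARC policy asks receivers to do."""
    records = [t for t in map(parse_dmarc, txt_records) if t is not None]
    if len(records) != 1:
        return "no-usable-record"             # none, or several (receivers skip DMARC)
    tags = records[0]
    policy = tags.get("p", "").lower()
    if policy not in ("none", "quarantine", "reject"):
        return "invalid-policy"
    if policy == "none":
        return "monitor-only"                 # reports only; spoofed mail is still delivered
    pct = tags.get("pct", "100")
    pct = int(pct) if pct.isdigit() else 100  # bad pct falls back to the default
    if pct < 100 or tags.get("sp", policy).lower() == "none":
        return "partial"                      # sampled, or subdomains exempted
    return "enforced"

if __name__ == "__main__":
    for domain, txts in SAMPLES.items():
        print(f"{domain:16} {dmarc_posture(txts)}")
```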
Cybersecurity Insurance Providers Start to Scrutinize Companies' Domain Security Practices: In
2022 and beyond, cybersecurity insurance will become more focused on including
domain name portfolio scoring in order to evaluate the security posture of a
particular corporation. In the past, this area was just a normal checklist
item; however, with the rise of the various threat vectors targeting the domain
name portfolio, there will certainly be more attention on it in the
cybersecurity world.
##
ABOUT THE AUTHOR
Ihab Shraim is the chief technology officer (CTO) with CSC
DBS. He is responsible for the vision,
innovation, and product revenue growth within the company's cyber security,
domain security, fraud protection, and brand protection lines of business.