Home / Blogs

New CSC Report Emphasizes Need for Holistic Domain Security Amid Surge in Popularity for AI

It seems that every day, a new artificial intelligence (AI) capability emerges, posing exciting possibilities for technological advancements—but also great potential to equal or greater risks. Cybercriminals have taken notice of this rapid surge in the popularity of AI technologies and are attempting to take advantage. As a result, many brands are frequently exposed to online risks that they’re not fully aware of or equipped to prevent; therefore, companies with gaps in protection will continue to face threats of fraud, phishing, and other types of brand infringement.

CSC’s 2023 Domain Security Report sheds light on this gap. We found that 43% of Forbes Global 2000 companies’ .AI domain extensions are owned by third parties, and 49% of the same companies’ .AI domains remain open and unregistered. Lack of direct ownership of these domains causes brands to be more vulnerable to third-party influence and heightens their risk of brand infringement and other cyberattacks. There’s also a 350% year-over-year increase in domain dispute cases involving .AI extensions in 2023 from companies who realized .AI domains using their brand were misappropriated by third parties.

With proper domain security in place, companies can effectively prevent attackers from taking advantage of exposed domains that may otherwise go unnoticed. But how does a company thoroughly protect their brand from fraud?

Maximizing tools in your domain security repertoire

Domain security is the protective shield from brand infringement that every organization needs but does not always prioritize. In fact, our latest 2023 Domain Security Report found that over 100 of the largest companies in the world don’t deploy any recommended domain security measures, leaving them with the highest risk of domain security threats, and in turn, risks of business disruption and reputation damage.

Our 2023 Domain Security Report further highlights that—despite rising phishing, online fraud, and counterfeit activity—many companies still overlook foundational domain security measures such as registry lock, domain-based message authentication, reporting, and conformance (DMARC), domain name system security extension (DNSSEC), and DNS redundancy. For example, only 23% of companies use registry lock. This creates a perfect shadow for cybercriminals to lurk in, allowing them to take advantage of trusted brands.

Also, our report found that 79% of the registered domains that resembled the Global 2000 Brands (homoglyphs) are owned by third parties. Of these fake domains owned by third parties other than the Global 2000 company, 40% have MX records configured that could be used in a future phishing attack. MX records allow emails to be sent that look like they come from the brand. Companies need to not only have defensive security measures in place, but they need to monitor the internet as it’s an exposed attack surface for bad actors.

Lastly, our report touched on subdomain hijacking threats. CSC analyzed over six million DNS records from our database and found that 21% of active DNS subdomain records don’t resolve, leaving companies vulnerable to subdomain hijacking. We did this investigation to understand the current state of company subdomain management and how this will impact their overall corporate security posture.

Evolving protection alongside technology

Domain security is a critical component of brand protection and something businesses cannot afford to overlook. As the world’s largest corporate domain name registrar, CSC works to protect and manage core and tactical domain names while also developing ongoing and proactive dynamic brand monitoring programs for threats outside the domain portfolio. This holistic approach is crucial for brands to gain visibility into all facets of their domain, including emerging areas as a result of advancements in technology. Ultimately, a security-minded domain registrar can help brands build the necessary protection against brand infringement and fraud.

Read the full 2023 Domain Security Report here.

By Vic DeBari, Global Director, Advisory and Engagement at CSC

Filed Under

Comments

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

VINTON CERF
Co-designer of the TCP/IP Protocols & the Architecture of the Internet

Related

Topics

DNS

Sponsored byDNIB.com

Threat Intelligence

Sponsored byWhoisXML API

Cybersecurity

Sponsored byVerisign

Domain Names

Sponsored byVerisign

New TLDs

Sponsored byRadix

IPv4 Markets

Sponsored byIPv4.Global

Brand Protection

Sponsored byCSC