For most people, a domain is just an address that you type into a browser, but for businesses, domain names are the foundation of their online presence. A recent article says, “When it comes to operating a business online, the domain name is the center of everything. The domain name should ensure a frictionless and painless experience for the company, its customers, its partners and suppliers, and its employees.”

In this blog, we’ll explore why the humble domain name means so much more with regards to online security, and why good domain security and portfolio management are essential to an organization’s online presence—and what happens without it.

Setting the scene

Imagine the scenario. You log into your computer and go to your company website. It’s down, returning an error message. You open your emails to send a message to IT to let them know. It opens, but you can’t connect, and can neither send nor receive emails. You open your company’s softphone application to call IT. That’s not working either. There’s been a security breach; cyber criminals have targeted your organization and now all of your communications tools aren’t working, as well as your website. How did they manage to infiltrate your systems?

Here’s another scenario. You work for Toyworld, a manufacturer of children’s toys. Counterfeiters are selling fake versions of your products on bogus websites that look and feel like your website, but offer the goods at vastly discounted prices. It’s not only an intellectual property infringement, it’s also directing traffic away from your website, causing you to lose revenue, and it’s reported that some of the fakes that are battery powered are catching on fire due to shoddy electrics, putting consumers’ health and safety at risk and damaging your reputation. You need to take down these websites as quickly and effectively as possible, but where do you start?

Final one; you work for a financial institution and your boss sends you an urgent email asking you to set up a new supplier and pay them as soon as possible. She’ll be in meetings until late, she says, and it needs to be done by the end of the day; it’s 4:50 p.m. What you don’t know is that the email is not from your boss, it’s actually from a phisher trying to extort money from the company. How did the phisher manage to send an email to you posing as your boss?

The answer to all three of these questions is domains.

In the first example, cyber criminals can use domain name or domain name system (DNS) hijacking to take down or redirect websites—or bring down email, virtual private networks (VPNs), and voice over IP (VoIP)—putting that business in jeopardy of revenue or brand reputation loss. When cyber criminals penetrate your domain name or DNS, they can then use phishing techniques to harvest credentials and ultimately breach your network. Such breaches expose personal information and can leave your organization vulnerable to significant financial penalties due to policies like the General Data Protection Regulation (GDPR). All of this can happen through the compromise of a single domain name, making domains a high-risk vulnerability.

In scenario two, the crux of the issue lies with the existence of the websites in the first place—and to create a website, you must register a domain. The counterfeiter buys a domain that includes your company’s brand name (e.g., toyworld-sale.com), likely at low cost from a retail-grade registrar, and sets up their website with your organization’s branding. With a domain monitoring and takedown service, you can cluster abusive sites owned by the same registrants and get them taken down in bulk.

Finally, phishing attacks of all kinds—not just a business email compromise (BEC) scam like the example mentioned—start with, yes you’ve guessed it, a domain name. Phishers buy a domain that is usually only one letter different to a genuine domain, or in some cases, they pick up domains that have been accidentally lapsed, and then use social engineering techniques to trick their target into sharing personal details, downloading malware (which can then compromise your DNS), or paying money.

So as you can see, it only takes one slip-up to bring down your company’s online presence or put consumers and staff at risk when it comes to domains. That’s why at CSC, we advocate comprehensive domain security and portfolio management, brand protection, and fraud protection solutions.

Protect the king

Securing domains is like protecting the king in a game of chess—once the king falls, the game is over. The other pieces in the chess set are your means of protecting him; with domains, these pieces are the key security protocols that you can put in place to protect your domains:

• DNS security extensions (DNSSEC)—validates each step of the domain look-up process, preventing DNS spoofing, SAD DNS attacks, and cache poisoning.
• Registry lock—prevents the making of any unauthorized changes to your domains at the registry level.
• Domain-based message authentication, reporting, and conformance (DMARC), sender policy framework (SPF) and DomainKeys identified mail (DKIM)—email authentication protocols to ensure that any emails received are coming from where or who they say they are, preventing phishing attacks like BEC, spear phishing, and whaling.
• Digital certificates and certificate authority authorization (CAA) records—digital certificates ensure a secure environment for your customers to visit or purchase things from your official website. CAA records make sure that bad actors can’t issue your certificates with an unapproved certificate authority.

Finally, working with a single enterprise-class provider—which not only offers all of the above security protocols, but also has domain, brand protection, and fraud protection offerings under one roof—means that your whole online presence will be the most secure it can be.

We’re ready to talk

If you’d like to find out more about any of the issues in this blog, visit our domain security page or complete our contact form.