Report: More domains, more problems
The world to the right of the dot is getting larger with the addition of hundreds of new generic top-level domains like .club, .xyz and .guru, and security firm Raytheon|Websense says they are a boon for hackers, cyber thieves and online scam artists.
The Internet Corporation for Assigned Names and Numbers, which sanctions the new gTLDs, has authorized more than 800 of them as of November, according to Raytheon’s 2016 Websense Security Predictions report.
Within the next few years, that number is expected to swell by an additional 1,300. Some new examples include .car, .wine, .mom and .family, as well as a number of big brands.
“For those accustomed to the old Internet of .com, .edu, .gov, .net, .org, and .info; your intimate little neighborhood is about to get a lot more neighbors,” states the report, out Wednesday.
While this expansion will create vast new tracts of Internet real estate, it is currently “primarily an asset being cultivated by criminals to confuse users and to ensnare and entrap their computers with malware,” Raytheon|Websense warns.
“Will consumers shopping for a computer steer towards shop.apple, apple.macintosh or apple.computer? Will business users with Salesforce accounts respond to an email that comes from renewal.salesforce, salesforce.software or salesforce.updates?” the report asks.
“This potential confusion is a golden opportunity for criminals and nation-state attackers to create highly effective social engineering lures to steer unsuspecting users toward malware and data loss,” the authors argue.
The company’s experts have predicted a mushrooming in spam campaigns as a direct result of domain expansion. In an analysis of several different new gTLDs, they concluded that millions of URLs were “suspicious or directly malicious.”
More perturbing is that defenders are largely unprepared to face a threat pool of this magnitude. If the cybersecurity industry is to counter the domain threat, proactivity coupled with close monitoring will be critical, argue the report authors.
“Defenders should recognize that all new technologies hold possibilities for adoption by attackers,” said the report. “Thus, the savvy defender should carefully consider each major change to our ecosystem before waiting for the wave of attacks.”
An earlier version of this story erroneously identified the company publishing the report as Raytheon. It is Raytheon|Websense.