Year after year, cyberattacks become more rampant and aggressive, and 2023 was no different. You’d be surprised to know that last year, the global average cost of a data breach was USD 4.45 million, which was a whopping 15% increase over 3 years.
As a business owner, you would agree with us when we say that these attacks cost more than just financial loss and inconvenience. It is also about compromised sensitive information, tarnished reputations, lost customers, and potentially long-term financial damage.
And the worst part?
The situation is only going to deteriorate as the digital landscape evolves, year after year.
Moreover, to think that your organization can dodge these attacks might set you up for an unpleasant surprise.
As we enter 2024, the best thing you can do to mitigate the risk of cyberattacks like phishing is to learn from the mistakes made in 2023 and apply those lessons in 2024.
Common Domain-Based Attacks in 2023
2023 was a year that changed the course of the cybersecurity industry with the arrival of Artificial Intelligence. As AI-powered attacks grew more damaging over the last year, they pushed organizations to prioritize domain security to prevent attacks such as supply chain attacks, ransomware, and phishing, among others.
Before we talk about the ways to reduce the risk of these attacks, let us take a look at some of the most common domain-based attacks that loomed over 2023.
Domain Hijacking in the Age of AI
Domain hijacking is a technique that threat actors employ to change the registration of a domain name without the domain owner’s knowledge. Now that more businesses are recognizing the relevance of AI and purchasing their own .AI (dot AI) domain names, it serves as a lucrative opportunity for attackers to claim these domains before legitimate owners can secure them.
According to CSC’s latest report, 84% of AI domains meant for top companies are actually in the hands of others. You can only imagine the gravity of the situation when industries like banking, IT software, and services are the worst hit!
Malicious Domain Registration
In 2023, cyberattackers resorted to a classic technique: employing homoglyphs to dupe uninformed users into divulging sensitive information. But how do they even pull this off? The basic premise of this strategy is to trick the untrained eye into clicking suspicious links to execute a phishing attack.
By using homoglyphs—characters that look similar but are different—attackers create domain names that are visually indistinguishable from the genuine ones. For example, a lowercase ‘l’ might be replaced with the numeral ‘1’ or a ‘0’ (zero) with an ‘O’ (uppercase letter o).
You would be surprised to know that more than 79% of these homoglyph (fake) domains are owned by third parties rather than by the Global 2000 brands themselves.
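For brand monitoring, the substitutions described above can be detected by folding each observed domain to a canonical "skeleton" and comparing it with the skeletons of the domains you own. This is an added example, not code from the report or the original article; it goes beyond the digit swaps in the text by also decoding punycode labels and folding a few Cyrillic look-alikes. The confusables table and the `.example` domains are constructed for illustration.

```python
import unicodedata

# Constructed, deliberately small confusables table: look-alike -> canonical.
# A production check should load the full Unicode UTS #39 confusables data.
CONFUSABLES = {
    "1": "l", "0": "o",                            # digit swaps named in the text
    "\u0430": "a", "\u0435": "e", "\u043e": "o",   # Cyrillic a, e, o
    "\u0440": "p", "\u0441": "c", "\u0456": "i",   # Cyrillic er, es, i
}

def to_unicode(domain):
    """Lowercase a domain and decode any punycode (xn--) labels."""
    labels = []
    for label in domain.lower().rstrip(".").split("."):
        if label.startswith("xn--"):
            try:
                label = label[4:].encode("ascii").decode("punycode")
            except (UnicodeError, ValueError):
                pass  # keep the raw label if it is not valid punycode
        labels.append(label)
    return ".".join(labels)

def skeleton(domain):
    """Fold a domain to a canonical form so look-alikes compare equal."""
    text = unicodedata.normalize("NFKC", to_unicode(domain))
    return "".join(CONFUSABLES.get(ch, ch) for ch in text)

def find_lookalikes(candidates, protected):
    """Return (candidate, brand) pairs that differ but share a skeleton."""
    brands = {skeleton(b): to_unicode(b) for b in protected}
    hits = []
    for cand in candidates:
        brand = brands.get(skeleton(cand))
        if brand is not None and to_unicode(cand) != brand:
            hits.append((cand, brand))
    return hits

# Constructed sample data on the reserved .example TLD.
PROTECTED = ["paypal.example", "google.example"]
# "paypal" with a Cyrillic 'a' (U+0430), written as a punycode A-label.
IDN_SAMPLE = "xn--" + "p\u0430ypal".encode("punycode").decode("ascii") + ".example"
OBSERVED = ["paypa1.example", "g00gle.example", IDN_SAMPLE,
            "paypal.example", "unrelated.example"]

if __name__ == "__main__":
    for cand, brand in find_lookalikes(OBSERVED, PROTECTED):
        print(f"{cand!r} imitates {brand!r}")
```

Feed it newly registered domains or certificate transparency entries as `candidates`; an exact match with a protected domain is not reported, only names that differ but fold to the same skeleton.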
Creating subdomains has now become a common practice among organizations that have various verticals. But what happens when these subdomains are unused and forgotten about?
They become bait for the uninformed user.
These subdomains fall into the hands of cybercriminals who use them for malicious activities like phishing or malware distribution, all under the garb of a reputable brand.
But why did subdomain hijacking suddenly become a thing of concern in 2023, you ask?
According to CSC’s 2023 Domain Security Report, out of the 6 million domain records that were examined, around 440,000 were at risk for subdomain hijacking, especially those connected to cloud services.
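One way to audit your own zone for the forgotten, cloud-connected subdomains described above is to list every CNAME that points at a cloud hosting suffix and flag those whose target no longer resolves. This is an added example, not a method from the CSC report; the zone snippet and `corp.example` names are constructed, and the suffix list is a short illustrative selection, not a complete inventory.

```python
import socket

# Well-known cloud hosting suffixes (illustrative selection, not exhaustive).
CLOUD_SUFFIXES = (".azurewebsites.net", ".s3.amazonaws.com", ".github.io",
                  ".herokuapp.com", ".cloudfront.net")

def system_resolves(host):
    """Default resolver check: True if the system resolver returns an address."""
    try:
        socket.getaddrinfo(host, None)
        return True
    except socket.gaierror:
        return False

def parse_cnames(zone_text):
    """Yield (name, target) from zone lines like 'name [ttl] [IN] CNAME target'."""
    for line in zone_text.splitlines():
        fields = line.split(";", 1)[0].split()   # drop zone-file comments
        upper = [f.upper() for f in fields]
        if "CNAME" in upper:
            i = upper.index("CNAME")
            if i >= 1 and i + 1 < len(fields):
                yield fields[0].rstrip(".").lower(), fields[i + 1].rstrip(".").lower()

def audit_dangling(zone_text, resolves=system_resolves):
    """Return CNAMEs aimed at a cloud suffix whose target does not resolve."""
    findings = []
    for name, target in parse_cnames(zone_text):
        if target.endswith(CLOUD_SUFFIXES) and not resolves(target):
            findings.append((name, target))
    return findings

# Constructed zone snippet for the reserved corp.example domain.
SAMPLE_ZONE = """
shop.corp.example.  3600 IN CNAME corp-shop.azurewebsites.net.  ; app deleted
blog.corp.example.  3600 IN CNAME corp-blog.herokuapp.com.
www.corp.example.   3600 IN A     192.0.2.10
old.corp.example.        IN CNAME legacy.corp.example.
"""

if __name__ == "__main__":
    for name, target in audit_dangling(SAMPLE_ZONE):
        print(f"dangling: {name} -> {target}")
```

A non-resolving target is only one signal: some hosting services keep answering DNS for names whose resource was deleted, so records that pass this check still need a review against your actual cloud inventory.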
Security Trends that Shaped the 2023 Cybersecurity Landscape
The year 2023 witnessed many cybersecurity trends come and go. This made navigating the realm of cybersecurity more complex than ever. So, what is it that you should take away from 2023 that you should keep in mind moving forward?
Here are some of the key trends that you should know about:
Increase in Registry Locks, Yet High Risk for Global 2000
In 2023, more companies in the Global 2000 adopted registry locks, with the numbers rising from 17% in 2020 to 23% in the last year. A registry lock is basically a tool that enables end-to-end domain name transaction security to prevent any unauthorized entity from making any changes to your domain.
This trend garnered some limelight last year; however, there are still many domains that remain vulnerable, partly because not all global registries offer this service.
Inconsistent Implementation of Key DNS Security Measures
The adoption of crucial DNS security measures was not as straightforward as it should have been in 2023. While more companies employed domain name system security extensions (DNSSEC), growing from 3% in 2020 to 8% last year, there was an unprecedented drop in DNS redundancy as it went down by 1% to 19%.
Moreover, the use of Certification Authority Authorization (CAA) records saw a notable increase, moving from 3.8% to 8.4%.
Rapid Adoption of DMARC
With cyberattacks like phishing getting more frequent and sophisticated, organizations were left with no choice but to take cybersecurity seriously. A big step towards fortifying defenses has been the rapid DMARC adoption. Back in 2020, about 39% of companies were on board with DMARC, but by 2023, that number shot up to a whopping 67%.
Wondering what drove this sudden surge in the implementation? The Anti-Phishing Working Group (APWG) reported that 2022 broke records with over 4.7 million phishing attacks, so to keep up with the ever-evolving threat landscape, you need strong defenses like DMARC in your cybersecurity strategy.
It looks like the custodians of security are headed in the right direction, but there is still a need to gain momentum. As we head into 2024, it is crucial to recognize the dynamics of the current cybersecurity landscape and adopt measures to mitigate the blow of cyberattacks like phishing and ransomware.