Phishing

Cyber risk of internet domain registration system overlooked, official says

Domain names - internet and web telecommunication concept. 3d rendering

CyberScoop reports that the internet domain registration system has been noted by U.S. Secret Service Cyber Policy and Strategy Director Matt Noyes to be a neglected attack vector despite the cybersecurity risks it brings.

Tackling illicit phishing URLs approved by domain registrars has been challenging since the U.S. relinquished its hold on the Internet Assigned Numbers Authority, said Noyes at this year's Identity, Authentication and the Road Ahead Policy Forum.

"That is fundamentally a failure of internet governance that we have not created identity checks to ensure that when someone is registering names and numbers or concentrating a huge amount of abuse in fraudulent activity in particular ASN, autonomous system numbers, that it's getting addressed and cleaned up," noted Noyes, who emphasized the need for proactive measures among leading internet providers.

Additional efforts to combat business email compromise attacks, which account for a chunk of internet-related fraud in the U.S., are also needed, he added.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds