Most domains linked to US election vulnerable
Over 90% of web domains associated with the presidential election campaigns of Donald Trump and Joe Biden are not using registry locks to protect their domains from domain and DNS hijacking, research suggests.
The research from CSC’s Digital Branch Services division found that web domains closely linked to the campaign websites for Joe Biden and Donald Trump lack basic domain security protocols.
These domains are being targeted for disinformation activities such as domain spoofing, and threats including domain name and DNS hijacking and phishing.
Of the typo domains associated with joebiden.com and donaldjtrump.com, 60% are still available for registration, leaving them open to future threats. More than a third of currently registered typo domains are meanwhile linked to third parties.
Of this third, nearly 70% were registered in 2020 leading up to next month’s election, are configured to send and receive emails, which can be used to lure donors to phishing sites and conceal the domain owner’s identity behind proxy or privacy services.
Meanwhile, more than 75% of the election-related domains are using retail-grade domain registrars, which do not provide advanced security protocols.
“Due to the sensitivity and importance of the US election process, domain security remains a major vulnerability for the potential of foreign interference, fraud and misinformation,” CSC DBS Executive Vice President Mark Calandra said.
“As an organisation with the most visibility into the domain landscape, we advocate for the sanctity of voter trust and encourage both presidential candidates and other websites in the electoral ecosystem to prioritise domain security on their websites to ensure security and build confidence.”
Spamhaus Industry Liaison Matthew Smith added that his company, CSC DBS, and others have been banging the drum about the importance of securing election-related domains for some time.
“We have reached the point where awareness is not enough. Those responsible for managing domain registrations, including registrars and hosting companies, need to have an actionable plan that is aligned with best practices,” he said.
“Additionally, experiences must be shared between those within the industry for the good of the wider internet community.”
SolarWinds believes it has uncovered the highly sophisticated methods used to inject malicious...
Microsoft says the state attackers behind the SolarWinds Orion compromise viewed some of its...
US law enforcement and intelligence agencies are investigating an attack on government and...