New CSC Research Finds Over 90% of Websites Linked to Donald Trump and Joe Biden Campaigns at Risk for Potential Redirection, Disinformation, and Data Theft
CSC, a world leader in business, legal, tax, and domain security, today released new research from their Digital Brand Services (DBS) division that reveals areas of risk for prominent election-related websites. The research indicates that web domains closely linked to the campaign websites for Joe Biden and Donald Trump lack basic domain security protocols and are being targeted for disinformation activities such as domain spoofing, and threats including domain name and domain name system (DNS) hijacking, and phishing.
On the heels of its recent Forbes Global 2000 research, CSC is seeing major risks related to the manipulation of web properties that voters rely on for information and donations. Findings show that over 90% of these web properties are not using registry locks to protect their domains from domain and DNS hijacking that can lead to phishing attacks, network breaches, and email compromise.
“As noted in our previous research, we’ve consistently seen domains emerge as a threat vector for enterprises, and an area that is continuously overlooked in cyber security. Due to the sensitivity and importance of the U.S. election process, domain security remains a major vulnerability for the potential of foreign interference, fraud, and misinformation,” says Mark Calandra, executive vice president for CSC DBS. “As an organization with the most visibility into the domain landscape, we advocate for the sanctity of voter trust and encourage both presidential candidates and other websites in the electoral ecosystem to prioritize domain security on their websites to ensure security and build confidence.”
"We have reached the point where awareness is not enough. Those responsible for managing domain registrations, including registrars and hosting companies, need to have an actionable plan that is aligned with best practices. Additionally, experiences must be shared between those within the industry for the good of the wider internet community," said Matthew Stith, industry liaison at Spamhaus. “Without this commitment, users will be open to continued manipulation and fraud."
In April of 2020 when domain names were at the center of many COVID-19 related fraud schemes, Senators Mazie K. Hirono (D-Hawaii), Cory Booker (D-N.J.), and Maggie Hassan (D-N.H.) called on domain name registrars and hosting sites to combat scams and misinformation. CSC’s research shows that domain security and preventing domain spoofing continue to be an oversight even with top election-related web properties. Our research shows that more than 75% of these election-related domains are using retail-grade domain registrars, which do not provide advanced security protocols.
Our research also showed that, of the typo domains related to joebiden.com and donaldjtrump.com, 60% are still available for registration, thereby posing future threats. Additionally, more than a third of those presidential candidate typo domains are linked to third parties; of that one third, nearly 70%:
- Are configured to send and receive emails, which can be used to lure donors to phishing sites
- Were registered in 2020 leading up to the November election
- Disguise the owner’s identity behind proxy or privacy services
With cyber criminals subverting activities on these websites to disseminate misinformation or commit fraud against web visitors, there is also the threat of ransomware. Simon Chassar, chief revenue officer at NTT Ltd.’s Security division states, "NTT's September Monthly Threat Report identified ransomware as a significant threat to the U.S. election infrastructure. With DNS, domains, and email being a potential vehicle to distribute malicious content, our NTT Ltd. Security division suggests focus in this area, ensuring it is secure by design."
For additional details on these findings, visit the CSC blog “U.S. Election-Related Web Properties Prone to Fraud and Misinformation Due to Lack of Domain Security.”
Note: CSC aggregated this data using SimilarWeb.com for the period of August 1 – August 30, 2020.
CSC is the trusted provider of choice for the Forbes Global 2000 and the 100 Best Global Brands® in enterprise domain names, domain name system (DNS), digital certificate management, as well as digital brand and fraud protection. As global companies make significant investments in their security posture, CSC can help them understand known security blind spots that exist and help them secure their digital assets. By leveraging CSC’s proprietary solutions, companies can get secure to protect against cyber threats to their online assets, helping them avoid devastating revenue loss, brand reputation damage, or significant financial penalties because of policies like the General Data Protection Regulation (GDPR). CSC also provides online brand protection—the combination of online brand monitoring and enforcement activities—taking a holistic approach to digital asset protection, along with fraud protection services to combat phishing. Headquartered in Wilmington, Delaware, USA, since 1899, CSC has offices throughout the United States, Canada, Europe, and the Asia-Pacific region. CSC is a global company capable of doing business wherever our clients are—and we accomplish that by employing experts in every business we serve. Visit cscdbs.com.
About Business Wire
(c) 2018 Business Wire, Inc., All rights reserved.
Business Wire, a Berkshire Hathaway company, is the global leader in multiplatform press release distribution.
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
Advanced Technology Research Council Announces ‘ASPIRE’ – to Drive the Creation of Future Transformative Technologies25.11.2020 12:22:00 CET | Press release
The newly established Advanced Technology Research Council (ATRC) has today announced its plans to drive the creation of future transformative technologies with the launch of its dedicated technology programme management pillar, ASPIRE. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20201125005562/en/ His Excellency Faisal Al Bannai, Secretary-General of Advanced Technology Research Council (Photo: AETOSWire) ASPIRE works in consultation with cross-sector industry stakeholders to frame problem statements that can be solved through research and development. By defining the problem, setting milestones, and monitoring the progress of the projects, ASPIRE facilitates a clear path from ‘lab to market.’ ASPIRE will make impactful decisions related to the selection of research partners and the allocation of funding. It will ensure that its R&D priorities align with Abu Dhabi and the UAE's broader development goals. ASPIRE will also l
Celltrion completes enrolment for global Phase II clinical trial with COVID-19 treatment candidate CT-P5925.11.2020 12:13:00 CET | Press release
Celltrion Group today announced enrolment completion of 327 patients with mild-to-moderate symptoms of SARS-CoV-2 infection in the global Phase II clinical trial of CT-P59, an anti-COVID-19 monoclonal antibody treatment candidate. Celltrion anticipates submission for emergency use authorisation (EUA) to the Korean Ministry of Food and Drug Safety (MFDS), conditional on results from the global Phase II pivotal trial. The global Phase II clinical trial is a randomised, double-blind, placebo-controlled and parallel-group trial designed to evaluate the efficacy and safety of CT-P59 in combination with standard of care in patients with SARS-CoV-2 infection. The trial enrolled 327 patients with mild-to-moderate symptoms of COVID-19 across three groups (placebo, low concentration, high concentration) and Celltrion is set to obtain the results for global Phase II trial. In addition, Celltrion plans to initiate a global Phase III clinical trial in more than 10 countries in order to obtain more
iHeartMedia and Podimo Partner to Translate and Adapt Widely Popular Podcasts For Listeners Globally25.11.2020 12:00:00 CET | Press release
iHeartMedia, the No. 1 audio company in America and the No. 1 podcast publisher globally, and European podcast platform Podimo today announced a strategic partnership to translate and adapt popular podcasts across the globe in different languages, introducing these podcasts to hundreds of millions of new listeners. The partnership will kick off with the widely popular true crime podcast “Forgotten: Women of Juárez” (Olvidadas: Muertes de Juárez) about femicides in Mexico’s most dangerous city in three languages: Spanish, German and Danish. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20201125005440/en/ In one of 2020’s most intimate and shocking true crime podcasts, “Forgotten: Women of Juárez,” from iHeartMedia and Unusual Productions, hosts Mónica Ortiz Uribe and Oz Woloshyn investigate theories surrounding the disappearance of hundreds of young women along the Mexican border city of Juárez. Some are tragically found with
RIDDLE&CODE Launches Trusted Gateway to Accelerate the Future of the Distributed Energy Market and Enable New Business Models25.11.2020 10:30:00 CET | Press release
The shift from the centralised energy system with a small number of dominant bulk producers to a decentralised renewable marketplace with a multiway flow of information requires not only new business models and entities but also a guarantee that the data generated out of them are trusted and immutable. RIDDLE&CODE laid the foundation for accelerating the future of decentralised energy by introducing the Trusted Gateway. At the core of the Trusted Gateway is the Secure Element, a part of RIDDLE&CODE’s “Built for Blockchain” product range, enabling the secure storage of the digital identity (private key) on any device through a combination of hardware and software. By providing secure public/private key infrastructure, the Trusted Gateway solves the problem of machine identity and creates a unique, cryptographically secured digital representation of an object, assigning it with identity, addressability and transaction capabilities. “In the context of the energy system, by giving the digi
BearingPoint: Organizations That Invest in Frontline Managerial Skills Are More Resilient and Adaptable Than Competitors25.11.2020 08:57:00 CET | Press release
The Covid-19 pandemic has shown that organizations that invest in frontline managerial skills are more resilient and adaptable than competitors. Frontline managers initiate process improvements and new ways of working. According to a recent study by the BearingPoint Institute, the research arm of management and technology consultancy BearingPoint, company leaders must make frontline managers a driving force for change to ensure transformation success and adapt to market changes. "With transformational pressures exerting themselves on business, frontline managers have never been more crucial to organizations. Our study shows how important it is to develop, empower and unleash the skills, enthusiasm, and innovation of these leaders. It is the only way to get the most out of digitalization and quickly adapt to the continuously changing market. Investing in frontline management will not only mean continuing success, but it will help you identify and hone tomorrow's leaders," says André Est
European Commission Approves Janssen’s TREMFYA ® ▼ (guselkumab), a First-in-Class Treatment for Active Psoriatic Arthritis (PsA)25.11.2020 08:00:00 CET | Press release
The Janssen Pharmaceutical Companies of Johnson & Johnson announced today that the European Commission (EC) has approved TREMFYA®▼ (guselkumab) for the treatment of adult patients with active psoriatic arthritis (PsA) who have had an inadequate response or who have been intolerant to a prior disease-modifying antirheumatic drug (DMARD) therapy. Guselkumab is the first approved fully human monoclonal antibody that selectively binds to the p19 subunit of interleukin (IL)-23 and inhibits its interaction with the IL-23 receptor. It is already approved for the treatment of patients with moderate to severe plaque psoriasis. IL-23 is an important driver of the progression of inflammatory diseases including psoriasis and PsA, among others.1 PsA is a multifaceted, chronic, immune-mediated inflammatory disease that is progressive and is characterised by debilitating joint damage and inflammation, in addition to enthesitis, dactylitis, axial disease, and the skin lesions associated with psoriasis