You’ve probably heard a lot about attack surface management. But what is it exactly? Simply put, it means finding every asset an attacker could reach in your company’s environment, keeping watch on it, and reducing that exposure to as little as possible. Attack surface, in this case, refers to all the avenues by which cybercriminals or other threat actors could breach and compromise your network’s defenses, including assets that carry your name but that you never set up yourself.
This post lists three ways, drawn from tried-and-tested attack surface management strategies, to secure your company’s digital assets and confidential data from unauthorized access.
Monitor Wild Domains and Subdomains
Wild domains and subdomains are web properties that carry your brand name but are not necessarily registered to, or controlled by, your company.
A recent study took a look at the wild domain and subdomain footprints of 10 of the world’s most-imitated brands today—Amazon, Apple, Bank of America, CIBC, Desjardins, Facebook, Microsoft, Netflix, PayPal, and WhatsApp. Here’s a list of the study’s most relevant findings:
- The 10 most-spoofed brands had an average potential attack surface comprising 17,734 domains and subdomains.
- Typosquatting domains pertaining to the 10 brands (look-alike names that differ from the brand by a dropped, swapped, repeated or substituted character) could amplify the total domain attack surface significantly.
The study also showed that the more popular an organization is, the larger its potential attack surface, because more wild domains and subdomains trade on its name. Those properties cannot simply be deleted, since the company does not own them, but with the help of attack surface management solutions they can be discovered, monitored and, where warranted, blocked or taken down, so attack surface reduction is doable.
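As an added illustration (this is example code written for this post, not part of the study or of any vendor tool), here is a small Python script that takes a list of hostnames, as you might pull them from passive DNS or certificate transparency logs, and sorts them into owned, brand-string and typosquat buckets. The brand “example”, the owned zone, the hostname list and the homoglyph table are constructed assumptions. The typosquat generators cover omission, transposition, repetition and a short homoglyph substitution set, which goes a little beyond the single typosquatting point above.

```python
"""Flag 'wild' domains and subdomains that carry a brand string, and
generate common typosquat variants so near-miss names are caught too.

Hypothetical example for this post; the brand, the observed-hostname list
and the homoglyph table are constructed, not taken from the study."""

# Constructed sample of hostnames as they might come from passive DNS or
# certificate-transparency logs. Only example.com is owned by the brand.
OBSERVED = [
    "www.example.com",
    "login.example.com",
    "example-support.net",          # brand string, not our domain
    "secure.exampl.com",            # omitted character
    "examp1e.com",                  # digit-for-letter homoglyph
    "exmaple.com",                  # transposition
    "examplee.com",                 # repeated character
    "mail.examples.org",            # pluralised brand
    "unrelated.io",
]

OWNED_ZONES = {"example.com"}

# Small, constructed homoglyph table; real tooling uses a much larger one.
HOMOGLYPHS = {"l": "1", "i": "1", "o": "0", "e": "3", "a": "4", "s": "5"}


def registrable(host: str) -> str:
    """Naive eTLD+1: last two labels. Good enough for the sample; a real
    deployment should use the Public Suffix List (e.g. tldextract)."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def is_owned(host: str) -> bool:
    return registrable(host) in OWNED_ZONES


def typosquat_variants(brand: str) -> set:
    """Common typosquat generators: omission, repetition, transposition
    and single-character homoglyph substitution."""
    b = brand.lower()
    out = set()
    for i in range(len(b)):
        out.add(b[:i] + b[i + 1:])                        # omission
        out.add(b[:i] + b[i] + b[i:])                     # repetition
        if i + 1 < len(b):
            out.add(b[:i] + b[i + 1] + b[i] + b[i + 2:])  # transposition
        if b[i] in HOMOGLYPHS:
            out.add(b[:i] + HOMOGLYPHS[b[i]] + b[i + 1:])  # homoglyph
    out.discard(b)
    return out


def classify(host: str, brand: str) -> str:
    """Return 'owned', 'typosquat', 'brand-string' or 'unrelated'.
    Typosquats are checked before plain substring matches so that
    repetition variants such as 'examplee' land in the right bucket."""
    if is_owned(host):
        return "owned"
    sld = registrable(host).split(".")[0]
    if sld in typosquat_variants(brand):
        return "typosquat"
    if brand.lower() in host.lower():
        return "brand-string"
    return "unrelated"


def wild_footprint(hosts, brand: str) -> dict:
    """Group hostnames by class, dropping everything owned or unrelated;
    what remains is the wild domain/subdomain footprint to monitor."""
    groups = {}
    for h in hosts:
        cls = classify(h, brand)
        if cls in ("owned", "unrelated"):
            continue
        groups.setdefault(cls, []).append(h)
    return groups


if __name__ == "__main__":
    for cls, hosts in wild_footprint(OBSERVED, "example").items():
        print(cls, sorted(hosts))
```

The registrable() helper is a deliberately naive last-two-labels split; on real data use the Public Suffix List so that names under co.uk and similar suffixes are handled correctly. Anything in the typosquat or brand-string buckets is a candidate for monitoring, a takedown request or blocking, not proof of malice.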
Take an In-Depth Look at Non-Publicly Attributable Domains
Another study took a closer look at domains that appear to belong to the top 25 Fortune 500 companies (Walmart, Amazon, Exxon Mobil, Apple, CVS Health, Berkshire Hathaway, UnitedHealth Group, McKesson, AT&T, AmerisourceBergen, Alphabet, Ford Motor, Cigna, Costco Wholesale, Chevron, Cardinal Health, JPMorgan Chase, General Motors, Walgreens Boots Alliance, Verizon Communications, Microsoft, Marathon Petroleum, Kroger, Fannie Mae, and Bank of America) but cannot be publicly attributed, from their WHOIS records, to the organizations they seem to be part of.
Analyses using bulk WHOIS lookup and reverse WHOIS search tools revealed that:
- Around 92% of the organizations in the sample did not hide their WHOIS record details from the public, so their own domains could be recognized by registrant organization name.
- A total of 63,215 domains carried the companies’ brand names in their WHOIS records, but only 68% of these listed the companies’ publicly recognized registrant organization names; the remaining 32% could not be publicly attributed to them.
The study found that non-publicly attributable domains increase any company’s exposure to cyber attacks, whether because they impersonate the brand or because they are company assets that nobody is tracking. A compromise of either kind means loss of public trust and reputational damage, which makes attack surface management using domain intelligence tools a necessity.
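To turn the study’s method into something you can run yourself, here is an added example (written for this post, not the study’s own code) that classifies bulk-WHOIS records for brand-bearing domains by whether they publicly attribute the domain to the company. The company “Example Corp”, the records, the redaction markers, and the known organization names, e-mail domain and name servers are all constructed assumptions; field names follow what a typical WHOIS parser emits.

```python
"""Classify brand-bearing domains by whether their WHOIS record publicly
attributes them to the company that owns the brand.

Hypothetical example for this post. The company, the WHOIS records, the
redaction markers and the 'known' corporate identifiers are constructed."""

# Strings registrars commonly put in place of real registrant data.
REDACTION_MARKERS = (
    "redacted for privacy",
    "data protected",
    "withheld for privacy",
    "privacy service",
)

# Constructed bulk-WHOIS output for domains whose name or record mentions
# the brand "Example".
WHOIS_RECORDS = [
    {"domain": "example.com",
     "registrant_org": "Example Corp",
     "registrant_email": "domains@example.com",
     "name_servers": ["ns1.example.com"]},
    {"domain": "example-cloud.net",
     "registrant_org": "Example Corporation",       # variant spelling
     "registrant_email": "domains@example.com",
     "name_servers": ["ns1.example.com"]},
    {"domain": "example-login.com",
     "registrant_org": "REDACTED FOR PRIVACY",
     "registrant_email": "REDACTED FOR PRIVACY",
     "name_servers": ["ns1.cheap-hosting.example"]},
    {"domain": "get-example-deals.com",
     "registrant_org": "John Doe Ventures",
     "registrant_email": "jd@mailbox.invalid",
     "name_servers": ["ns1.cheap-hosting.example"]},
    {"domain": "example-partners.org",
     "registrant_org": "",
     "registrant_email": "it@example.com",          # corporate e-mail only
     "name_servers": ["ns1.cheap-hosting.example"]},
]

# Constructed list of identifiers the company is publicly known by.
KNOWN_ORGS = {"example corp", "example corporation", "example inc"}
KNOWN_EMAIL_DOMAINS = {"example.com"}
KNOWN_NAME_SERVERS = {"ns1.example.com", "ns2.example.com"}


def is_redacted(value: str) -> bool:
    v = value.lower()
    return any(m in v for m in REDACTION_MARKERS)


def attribution(rec: dict) -> str:
    """'public' if the registrant org is a known corporate name; 'weak' if
    only a corporate e-mail or name server hints at ownership; 'redacted'
    if privacy-masked; otherwise 'third-party'."""
    org = rec.get("registrant_org", "")
    email = rec.get("registrant_email", "")
    if is_redacted(org) or is_redacted(email):
        return "redacted"
    if org.strip().lower() in KNOWN_ORGS:
        return "public"
    email_domain = email.rsplit("@", 1)[-1].lower() if "@" in email else ""
    uses_corp_ns = any(ns.lower() in KNOWN_NAME_SERVERS
                       for ns in rec.get("name_servers", []))
    if email_domain in KNOWN_EMAIL_DOMAINS or uses_corp_ns:
        return "weak"
    return "third-party"


def summarize(records) -> dict:
    """Counts per attribution class plus the publicly attributable share,
    the figure the study reports as 68% for its sample."""
    counts = {}
    for r in records:
        cls = attribution(r)
        counts[cls] = counts.get(cls, 0) + 1
    total = len(records)
    counts["public_share"] = round(counts.get("public", 0) / total, 2) if total else 0.0
    return counts


if __name__ == "__main__":
    for r in WHOIS_RECORDS:
        print(f"{r['domain']:24} {attribution(r)}")
    print(summarize(WHOIS_RECORDS))
```

In practice the weak and third-party buckets are where the work is: a subsidiary that registers under its own name is harmless, a look-alike registered by a stranger is not, and the WHOIS record alone cannot tell the two apart. Treat these classes as a review queue, and the redacted class as a reminder that privacy-masked records need a different pivot (name servers, certificates, hosting) to attribute.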
Scrutinize IP Addresses and Domains Named as Threat IoCs
Many cybersecurity researchers and law enforcement agencies routinely publish indicators of compromise (IoCs) for the latest threats. But these lists are rarely as comprehensive as you would like: they capture the infrastructure seen in one investigation, not everything the same actor controls. Effective attack surface management means blocking not just the published indicators but the related infrastructure they point to, throughout an organization’s network.
Let’s consider a study that looked more closely at the recent cyber attack targeting FINRA. It used a variety of domain and IP intelligence tools (WHOIS lookup, reverse WHOIS search, Domain Name System (DNS) lookup, and reverse IP/DNS lookup) to determine whether the published list of IoCs was comprehensive. The verdict? The study found six additional IoCs that FINRA members could add to their blocklists for better protection.
A similar study of the recent SolarWinds hack reached a similar conclusion using much the same tools: starting from an original IoC list of 18 domains, it identified an additional 4,673 domains and 1,240 subdomains that should at the very least be treated as suspicious. Pivots of this kind (shared IP addresses, shared registrant details, common name servers) produce candidates rather than confirmed indicators; domains on shared hosting in particular need vetting before they go on a blocklist, or you will block bystanders along with the attacker.
Further scrutiny of IoCs can reveal more potential attack vectors that members or product users of a targeted organization should be wary of. Only by doing so can they truly say they use effective attack surface management strategies.
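Here is how the pivots described in the FINRA and SolarWinds studies look in code. It is an added example written for this post, not the studies’ own tooling, and the seed IoCs, DNS A records and registrant e-mail addresses are constructed stand-ins for what passive-DNS and WHOIS services would return (the IP addresses come from the documentation ranges 203.0.113.0/24 and 198.51.100.0/24). It runs three pivots (subdomains of a seed, reverse IP, reverse WHOIS on registrant e-mail), records why each candidate was pulled in, and skips reverse-IP pivots on addresses that host many unrelated domains.

```python
"""Expand a published IoC list by pivoting on shared infrastructure:
subdomains of a seed, reverse IP (other hosts on the same address) and
reverse WHOIS (other domains with the same registrant e-mail).

Hypothetical example for this post. The seed IoCs, DNS and WHOIS data are
constructed; real pivots would query passive-DNS and WHOIS services."""
from collections import defaultdict

# Constructed seed list, as a vendor advisory might publish it.
SEED_IOCS = {"evil-update.example", "cdn-evil.example", "shop-evil.example"}

# Constructed A-record snapshot: hostname -> IPv4 (documentation ranges).
DNS_A = {
    "evil-update.example":     "203.0.113.10",
    "dl.evil-update.example":  "203.0.113.10",   # subdomain of a seed
    "api.evil-update.example": "203.0.113.11",
    "cdn-evil.example":        "203.0.113.20",
    "stage-evil.example":      "203.0.113.20",   # shares an IP with a seed
    "registrar-sib.example":   "203.0.113.30",
    "shop-evil.example":       "198.51.100.5",   # seed on shared hosting
    "innocent-blog.example":   "198.51.100.5",
    "another-blog.example":    "198.51.100.5",
    "third-blog.example":      "198.51.100.5",
}

# Constructed registrant e-mail per registrable domain (reverse-WHOIS pivot).
WHOIS_EMAIL = {
    "evil-update.example":   "ops@throwaway.invalid",
    "cdn-evil.example":      "ops@throwaway.invalid",
    "registrar-sib.example": "ops@throwaway.invalid",   # same registrant
    "stage-evil.example":    "someone@else.invalid",
    "shop-evil.example":     "shop@mail.invalid",
    "innocent-blog.example": "blogger@mail.invalid",
    "another-blog.example":  "other@mail.invalid",
    "third-blog.example":    "third@mail.invalid",
}

# Reverse-IP pivots on addresses hosting more than this many other hosts
# are ignored: shared hosting would otherwise pull in unrelated sites.
SHARED_HOST_THRESHOLD = 2


def registrable(host: str) -> str:
    """Naive eTLD+1 (last two labels); use the Public Suffix List in production."""
    return ".".join(host.lower().split(".")[-2:])


def expand_iocs(seeds, dns_a, whois_email, threshold=SHARED_HOST_THRESHOLD):
    """Return {candidate: set(reasons)} for hosts not already in the seed list."""
    ip_to_hosts = defaultdict(set)
    for host, ip in dns_a.items():
        ip_to_hosts[ip].add(host)
    email_to_domains = defaultdict(set)
    for dom, mail in whois_email.items():
        email_to_domains[mail].add(dom)

    found = defaultdict(set)
    for seed in seeds:
        base = registrable(seed)
        # 1. Subdomains of the seed's registrable domain.
        for host in dns_a:
            if host != seed and host.endswith("." + base):
                found[host].add(f"subdomain of {seed}")
        # 2. Reverse IP, with the shared-hosting guard.
        ip = dns_a.get(seed)
        if ip:
            neighbours = ip_to_hosts[ip] - {seed}
            if len(neighbours) <= threshold:
                for host in neighbours:
                    found[host].add(f"shares {ip} with {seed}")
        # 3. Reverse WHOIS on the registrant e-mail address.
        mail = whois_email.get(base)
        if mail:
            for dom in email_to_domains[mail] - {base}:
                found[dom].add(f"same registrant as {seed}")
    # Seeds are already blocked; report only the new candidates.
    for s in seeds:
        found.pop(s, None)
    return dict(found)


if __name__ == "__main__":
    for host, reasons in sorted(expand_iocs(SEED_IOCS, DNS_A, WHOIS_EMAIL).items()):
        print(host, "<-", "; ".join(sorted(reasons)))
```

The reasons attached to each candidate are what an analyst needs to vet it: a host that is both a subdomain of a seed and co-hosted with it is an easy call, while a single reverse-WHOIS hit deserves a second look. Raising the threshold shows the failure mode the guard prevents: the three blogs that merely share an address with shop-evil.example would otherwise be swept onto the blocklist.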
There are several ways to beef up your company’s cybersecurity posture with effective attack surface management solutions. We presented only three; there are definitely others, but those featured here can certainly give you a head start.