Avivah Litan

A member of the Gartner Blog Network

Avivah Litan
VP Distinguished Analyst
12 years at Gartner
30 years IT industry

Avivah Litan is a Vice President and Distinguished Analyst in Gartner Research. Her area of expertise includes financial fraud, authentication, access management, identity proofing, identity theft, fraud detection and prevention applications…Read Full Bio

Coverage Areas:

New ICANN Web Address scheme will increase cyberattacks

by Avivah Litan  |  January 10, 2012  |  3 Comments

The new ICANN arrangement for opening up new domains and web addresses that becomes effective this week is good news for fraudsters. Other Gartner analysts, i.e. Andrew Frank, Lydia Leong and Ray Valdes, cover the overriding advertising and domain registration/monitoring aspects but from a fraud point of view, this is bad news for legitimate users.

This will make it much easier for hackers to phish or spoof consumers (and thereby deliver malware to endpoints and/or collect sensitive information) because:

a. They can make use of unlimited choices to spoof known brands – meaning consumers will have a much harder time knowing what’s real and what isn’t

b. It will be exponentially that much harder to detect the spoof site using customer feedback mechanisms, and that much harder to take them down since they won’t be identified as quickly

c. Brand protection will be much costlier because there is exponentially more to monitor.

All is not lost however to the hackers. There are a series of measures enterprises worried about their brands being phished can take by adopting a layered security approach that includes:

1. anti-phishing services that detect and take down phishing attacks

2. email-certification and blocking services

3. Phishing site linkage detection and browser protection

While it will cost enterprises precious resources to adopt these services, it’s time for them to start looking outside their firewalls in order to protect their assets and users. The ICANN decision adds a sense of urgency to the matter.

3 Comments »

Category: Uncategorized     Tags:

3 responses so far ↓

  • 1 ICANN to Open Domains, Web Address Extensions - Fundamental Technology Partners Inc.   January 11, 2012 at 2:25 pm

    [...] “This will make it much easier for hackers to phish or spoof consumers (and thereby deliver malware to endpoints and/or collect sensitive information) because they can make use of unlimited choices to spoof known brands – meaning consumers will have a much harder time knowing what’s real and what isn’t,” Litan wrote in a company blog post. [...]

  • 2 ICANN to Open Domains, Web Address Extensions | | UTILITY DOCUMENTSUTILITY DOCUMENTS   January 11, 2012 at 3:22 pm

    [...] “This will make it most easier for hackers to phish or travesty consumers (and thereby broach malware to endpoints and/or collect supportive information) given they can make use of total choices to travesty famous brands – definition consumers will have a most harder time meaningful what’s genuine and what isn’t,” Litan wrote in a company blog post. [...]

  • 3 ICANN to Open Domains, Web Address Extensions » Techno Capital   January 11, 2012 at 6:10 pm

    [...] “This will make it much easier for hackers to phish or spoof consumers (and thereby deliver malware to endpoints and/or collect sensitive information) because they can make use of unlimited choices to spoof known brands – meaning consumers will have a much harder time knowing what’s real and what isn’t,” Litan wrote in a company blog post. [...]