CYBERSECURITY REPORT 2021
PUNTUEUS HAS MANAGED 277 RISK CASES IN THE LAST YEAR THE 2021 CYBERSECURITY REPORT INCLUDES THE NUMBER, TYPE AND RESOLUTION OF CASES PROCESSED 85% of the risk cases detected by PUNTUEUS in 2021 have been malignant domains. 0.02% of the total of 13,083 registered .EUS domains. When we talk about malicious domains we are referring to domains created with malicious intent; according to the 2021 report, most were created using algorithms (200) and the rest (35) were suspected of bad practices. Algorithmically created names are also used in botnet and malware attacks, but most cases have been predictively identified and remediated before any attack occurs. Thus, in total, PUNTUEUS has blocked 235 .EUS domains in 2021. One of the most important tasks of PUNTUEUS is to ensure the digital security of users and continuous monitoring of .EUS websites. This allows detecting misuse on the web sites and preventing risks and threats. This permanent analysis identifies not only the malicious registries detected, but also the compromised domains. These have accounted for 14% of the cases identified in the last year. Compromised domains are .EUS domains attacked by a third party. When the compromised domain is identified, the owner of this domain is informed of the attack suffered and is helped to solve the problem. In fact, it is usual that those responsible for the web have not been aware of the attack. Manex Garaio, technological manager of PUNTUEUS, has pointed out that “among the cases of abuse that we receive, the registration of malicious domains is usually temporary and lasts 3-4 days. In a case of this type, special attention is required to block the domains as they are generated. The case of compromised domains is different: in these cases our goal is to help domain owners as much as possible, since it is common not to know how to deal with the problem.“ The main tool used to detect cases of risk is the Abuse IQ system. In addition, PUNTUEUS collaborations with the Basque Cybersecurity Center and the Global Cyber Alliance are important to ensure cybersecurity. DATA DETECTED RISKS 277 CASES DETECTED BY TYPE 0 Botnet 200 Generated domains 3 Compromised 1 Hacked 38 Suspicious 11 Malware 2 Phishing 5 Scam 9 Spam 5 Covid 2 Identity Fraud 1 Policy Breach CASE RESOLUTION BY TYPE 3 false positives 36 solved 235 blocked domains 2 no evidence 1 rejected claim VOCABULARY BOTNET Networks of devices used to carry out scams and cyberattacks. GENERATED DOMAINS Domains that have been generated, often via an algorithm. COMPROMISED The website or service offered using the domain nme has been compromised and is being used with malicious intent. HACKED Sites that have been compromised by hackers. SUSPICIOUS Domains showing suspicious behaviors. MALWARE Software intended to damage systems or networks. PHISING Fraudulent attempt to obtain sensitive information. SCAM Fraudulent or deceptive act or operation. SPAM Unsolicited emails sent to multiple recipients. COVID 19 Fraudulent records made using the Covid 19 subject. IDENTITY FRAUD The registrant and/or person responsible for publishing content in the domain is using a fraudulent or stolen identity. POLICY BREACH The registrant of the domain does not comply with the terms of the registration policy.