THE 2021 CYBERSECURITY REPORT INCLUDES THE NUMBER, TYPE AND RESOLUTION OF CASES PROCESSED

85% of the risk cases detected by PUNTUEUS in 2021 have been malignant domains. 0.02% of the total of 13,083 registered .EUS domains.

When we talk about malicious domains we are referring to domains created with malicious intent; according to the 2021 report, most were created using algorithms (200) and the rest (35) were suspected of bad practices. Algorithmically created names are also used in botnet and malware attacks, but most cases have been predictively identified and remediated before any attack occurs. Thus, in total, PUNTUEUS has blocked 235 .EUS domains in 2021.

One of the most important tasks of PUNTUEUS is to ensure the digital security of users and continuous monitoring of .EUS websites. This allows detecting misuse on the web sites and preventing risks and threats.

This permanent analysis identifies not only the malicious registries detected, but also the compromised domains. These have accounted for 14% of the cases identified in the last year.

Compromised domains are .EUS domains attacked by a third party. When the compromised domain is identified, the owner of this domain is informed of the attack suffered and is helped to solve the problem. In fact, it is usual that those responsible for the web have not been aware of the attack.

Manex Garaio, technological manager of PUNTUEUS, has pointed out that “among the cases of abuse that we receive, the registration of malicious domains is usually temporary and lasts 3-4 days. In a case of this type, special attention is required to block the domains as they are generated. The case of compromised domains is different: in these cases our goal is to help domain owners as much as possible, since it is common not to know how to deal with the problem.“

The main tool used to detect cases of risk is the Abuse IQ system. In addition, PUNTUEUS collaborations with the Basque Cybersecurity Center and the Global Cyber Alliance are important to ensure cybersecurity.

VOCABULARY

BOTNET

Networks of devices used to carry out scams and cyberattacks.

GENERATED DOMAINS

Domains that have been generated, often via an algorithm.

COMPROMISED

The website or service offered using the domain nme has been compromised and is being used with malicious intent.

HACKED

Sites that have been compromised by hackers.

SUSPICIOUS

Domains showing suspicious behaviors.

MALWARE

Software intended to damage systems or networks.

PHISING

Fraudulent attempt to obtain sensitive information.

SCAM

Fraudulent or deceptive act or operation.

SPAM

Unsolicited emails sent to multiple recipients.

COVID 19

Fraudulent records made using the Covid 19 subject.

IDENTITY FRAUD

The registrant and/or person responsible for publishing content in the domain is using a fraudulent or stolen identity.

POLICY BREACH

The registrant of the domain does not comply with the terms of the registration policy.