This summer, the French government, through the Home Office (Ministre de l’Intérieur), announced the publication of a detailed report on cyber threats in 2018.
The report identifies, explains and illustrates current threats in the digital environment and the production of the report was coordinated by the “Délégation ministérielle aux industries de sécurité et à la lutte contre les cybermenaces” (DMISC).
In its communiqué, the Home Secretary, Mr. Gérard Collomb, stressed that the report is to be distributed as widely as possible as its main purpose is to raise awareness on the significant and growing dangers of malevolent behavior on the Internet. Thus the report gives an illustration of the various forms cyber abuse can take in order to allow readers to be better equipped to identify such threats, as the pivotal issue with cyber threats is deceit.
The report also sets milestones for the French government to achieve in the field of cybersecurity and highlights the fact that they have just recruited 800 cybersecurity experts to assist in their efforts to tackle fraud and abuse in the digital landscape.
It specifically mentions examples of how domain names can be used to facilitate cyber threats. Concrete examples of threats that actually occurred are provided.
The report explains how typosquatting is a commonly used and sometimes very efficient technique to defraud Internet users by creating the illusion that a domain name contained in an email address or a URL is legitimate when in fact it is not.
It sets out the various typosquatting methods, including using a different Top Level Domain (TLD) and also using Internationalized Domain Names (IDNs).
The use of IDNs for the purpose of carrying out phishing activities is described as a homoglyph phishing attack or IDN homograph attack. In orthography and typography, a homoglyph is one of two or more graphemes, characters, or glyphs with shapes that appear identical or very similar. For instance, the Cyrillic letters а, с, е, о, р, х and у have optical counterparts in the Latin alphabet and appear identical to a, c, e, o, p, x and y but a computer treats them differently when processing the character string as an identifier. This type of typosquatting is relatively new and coincides with the expansion of IDNs. There is a rapid increase of cases filed with the World Intellectual Property Organization (WIPO) under the Uniform Domain Name Dispute Resolution Policy (UDRP) involving domain names used to carry out homoglyph phishing attacks.
The report also mentions a recent threat to the French government which was detected by a special unit of the Gendarmerie and the French Information Security Agency (ANSSI) and that was based on the registration and use of three domain names very similar to domain names corresponding to official governmental websites.
Given that the cornerstone of Internet fraud is often a human error caused by deceit, raising awareness is crucial in the fight against cyber threats and reports such as this can only be praised for achieving just that.
The communiqué and report (in French) are available here.