Failing to properly maintain subdomains can leave organizations at risk, as they often contain overlooked vulnerabilities, according to a new report from security researchers at the Vienna University of Technology and the Ca’ Foscari University of Venice.
While cybercriminals often try to hijack organizations' subdomains, the researchers' “Can I take your subdomain?” report, which will be presented at the USENIX Security Symposium in August, highlights how even large businesses with well-funded IT teams can fall victim to an attack by abandoning or ignoring unused subdomains.
As reported by The Register, once a subdomain has been neglected by an organization, it can become vulnerable to cookie-based attacks. In such an attack, a cybercriminal will set up their own site, hosted on a different server, which they will use to replace a company's subdomain.
As websites usually consider their subdomains to be “safe”, cookies from the main website can be overwritten and accessed by the subdomain. This allows an attacker to impersonate other users on a company's corporate network to launch additional attacks or steal sensitive data.
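The cookie exposure described above can be checked from a site's own `Set-Cookie` headers. The following is an added example, not code from the report or this article; the function names, finding labels and sample headers are constructed for illustration, and it assumes standard browser handling of the `Domain` attribute and the `__Host-` cookie prefix.

```python
# Added example: classify Set-Cookie headers by how reachable they are from a subdomain.
# All header strings are constructed samples; example.com is a placeholder.

def parse_set_cookie(header):
    """Return (cookie_name, attrs) with attribute names lower-cased."""
    parts = [p.strip() for p in header.split(";")]
    name = parts[0].split("=", 1)[0].strip()
    attrs = {}
    for part in parts[1:]:
        if part:
            key, _, value = part.partition("=")
            attrs[key.strip().lower()] = value.strip()
    return name, attrs

def audit_cookie(header):
    """List the ways a (possibly hijacked) subdomain could reach this cookie."""
    name, attrs = parse_set_cookie(header)
    if name.startswith("__Host-"):
        # Browsers accept a __Host- cookie only if it is Secure, has Path=/
        # and carries no Domain attribute, so it stays bound to one host.
        valid = "secure" in attrs and attrs.get("path") == "/" and "domain" not in attrs
        return [] if valid else ["rejected-invalid-host-prefix"]
    # Without the prefix, a subdomain can set a same-named cookie scoped to the parent domain.
    findings = ["overwritable-from-subdomain"]
    if "domain" in attrs:
        # RFC 6265: a Domain attribute makes the cookie match every subdomain as well.
        findings.insert(0, "sent-to-subdomains")
    return findings

SAMPLE_HEADERS = [
    "session=abc123; Domain=example.com; Path=/; Secure; HttpOnly",
    "prefs=dark; Path=/; Secure",
    "__Host-session=abc123; Path=/; Secure; HttpOnly",
    "__Host-csrf=xyz; Domain=example.com; Path=/; Secure",
]

def audit_all(headers):
    """Map each cookie name to its findings."""
    return {parse_set_cookie(h)[0]: audit_cookie(h) for h in headers}

if __name__ == "__main__":
    for cookie, findings in audit_all(SAMPLE_HEADERS).items():
        print(f"{cookie}: {', '.join(findings) or 'host-only, prefix-protected'}")
```

A cookie with no findings is both invisible to subdomains and not replaceable by one, which limits what a taken-over subdomain can do to the main site's sessions.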
To show just how disastrous not properly maintaining one's subdomains can be, the researchers also scanned 50,000 of the world's top websites from the Tranco list and discovered 1,520 vulnerable subdomains across 887 sites. Cisco, CNN, Harvard and the US National Institutes of Health were just several of the organizations whose subdomains were susceptible to potential attacks.
Six months after the researchers informed IT admins about their findings, only 31 percent of the vulnerable subdomains had been secured. Another reason to properly maintain subdomains is that organizations with more of them have a much larger attack surface.
In order to avoid falling victim to any potential attacks, organizations should decommission unused subdomains and keep their certificates up to date.
Via The Register