Cyber criminals have long copied organisations' websites in order to hook unsuspecting victims. Earlier this week, Newcastle University warned of one such incident. It had been alerted to a site using the name Newcastle International University. The site was bogus and was set up to catch unsuspecting students. When they connected to the site, they were asked for personal and credit card data. This allows the fraudsters to steal money from the students.
RiskIQ has now launched its Digital Footprint Snapshot product. It is designed to help organisations find any digital assets that link to the business. A digital footprint is more than just the sites owned by an organisation. It includes every touch point, mention and link to an organisation. It helps identify where the organisation is being mentioned on social media, apps that claim to belong to the company and even ads for the business.
Identifying these is more than just reputation management. Take mobile apps. An increasing number of enterprises now have their own apps for customers. Fraudsters create clone apps that look and feel like the real thing but are not. The user installs the app, which can then steal data from their device and payment information when they use the app. The same is true of ads that claim to be issued by the company. Many of these fake ads are linked to malvertising. When a user clicks on the ad, as well as redirecting them to a company website, the malvertising also downloads malware to the local device.
According to Steve Ginty, senior product manager at RiskIQ: “RiskIQ Digital Footprint allows organizations to more effectively discover, map, and monitor their internet-facing digital assets that may be susceptible to exploitation or compromise. Now with the release of Snapshot, enterprises can obtain an on-demand report to account for often hidden and vulnerable digital assets, and use this report data to enrich their integrated risk management program.”
What is the RiskIQ Digital Footprint Snapshot?
This is a cloud-based solution that companies can use to discover all their digital assets. It creates an inventory of all the assets it locates that are connected to the enterprise. This can include IPs, hosting providers, service providers, and affiliates that are connected to an organisation.
The Digital Footprint Snapshot is built on top of the PassiveTotal product, which RiskIQ acquired a few years ago. It also uses data captured by other RiskIQ Internet monitoring tools and from its partners. Customers get a filterable graph and inventory details of connected, internet-facing assets.
Using the free Digital Footprint Snapshot community edition (registration required), security teams can get a first view of the organisation's digital footprint. This can take some time to complete. Once it has completed, it will show all hosts and internet assets along with details on them. This includes information such as whether an asset is owned or not, the last observed link and connectedness (number of connections). One major boost for the security team is that it also identifies any security bulletins (CVEs) that it finds.
Customers who want more can upgrade to the Enterprise version (POA). This gives them access to regular updates detailing any changes, phishing attacks, defacements and content issues. It will also provide more details of any CVEs that need to be addressed.
What does this mean?
As organisations expand their digital footprint, they often have little clue of what they have. They are unable to protect a lot of assets because nobody knows they exist. The Digital Footprint Snapshot is a starting place to find those assets and create an inventory. It provides links to code errors and security issues.
This is a good starting point for a lot of organisations to improve their external digital security and spot where they are vulnerable to attack.
There is also another potential angle. This tool could also be a benefit to search engine optimisation. The ability to identify relevant links and information about the business could be used by Marketing and PR teams. The IP that RiskIQ has created could well be used in a spin-off product that it could develop and make available to a completely new target market.