<img height="1" width="1" style="display:none;" alt="" src="https://dc.ads.linkedin.com/collect/?pid=26304&amp;fmt=gif">

Keeping Your Reputation Safe: Why Monitoring the Attribution of IP Addresses Matters

Julia Grunewald | June 16, 2017

BitSight Security Ratings are based on security events and configurations present on a company’s digital infrastructure. As we discuss these ratings with companies, we’ve found that many of them have infrastructure registered to them that they are unaware of. With the recent WannaCry ransomware attacks (and with the increased frequency of cyber incidents overall), it is becoming critical that organizations take a more thorough look at their infrastructure. This preventative measure can help identify any vulnerabilities or malicious activity on unmonitored parts of a network, as well as confirm that accuracy of registrations.

There are several possibilities that explain why companies may not be cognizant of infrastructure associated with their brand. This happens frequently during acquisitions. Through this process, the parent company acquires all the IP addresses and domains of their new subsidiary. Some of these IP addresses may be affected by malware, botnet infections, or other harmful software. The longer these IP addresses, domains, or open ports go unattended, the worse the consequences may be if an attack ensues. It’s critical that organizations do their due diligence during and after acquisitions to see what assets they are acquiring. If they’re not aware of these new assets, they cannot take effective measures to protect them, or guard their reputation from a potentially harmful impact.

Companies also gain and forfeit IP addresses on a regular basis through Internet Service Providers (ISP) like Verizon or Comcast. Additionally, if they change service providers, the IP addresses are typically forfeited to the service provider. ISPs don’t always keep those registrations up to date, so it is the responsibility of the company to make sure their registrations are up to date when changing what infrastructure they use.

When federal agencies like the FBI investigate suspicious or illegal activity, IP address attribution is the first thing examined when nefarious activity on a certain IP address occurs. For example, if an IP address is registered to a company, but used by an attacker to launch a malware attack, the company will have to go through the process of cleaning up the registrations as part of the investigation, which is more costly from a time, resource, and reputation standpoint than making the updates proactively.

Reputation Matters: Why Reputational Risk Management Is So Critical For Your Organization

So, why does this matter? Companies should not only confirm the IP address space for their own company, but also encourage their vendors and other critical third parties to do so. More and more often, data breaches involve a company’s third parties. By knowing and confirming the IP addresses registered to them, a company can help protect their reputation and mitigate many of the above risks.

BitSight Security Ratings can clearly identify all the infrastructure belonging to your company (registered IP address and CIDR blocks, IP addresses where your domains are hosted, etc.). In most cases, there are links provided that lead straight to the registration records. BitSight can also identify the IP addresses with the largest number of problems on your network, which is a good place to prioritize efforts for security improvement. Additionally, your third parties can have access to all of their IP information if you invite them to the BitSight portal for a two week period at no cost. This enables vendors to view the details of their IP address registrations as well as their BitSight Rating and associated information. Lastly, BitSight provides contact information for all of the regional registers that leads directly to their IP address allocation departments to help you and your third parties update any outdated registrations. As always, our Customer Success and Support teams are here to help you through any step of the process.

Suggested Posts

How BitSight Helps Drive Quick Risk Reduction Across Third Party Ecosystems

At a recent BitSight Roadshow, a customer with an advanced third party risk management program declared “assessments are not risk reduction.” The statement was not meant to convey that assessments are useless for third party risk; rather,...


BitSight Hackathon 2017

For the second year in a row, BitSight gave its engineers, product managers, and data and research scientists the day off from normal work to make something cool. The hackathon day had all the typical stuff: awesome custom-designed...


A Year in Review: A Look Back on BitSight’s 2017

As 2017 draws to a close, we can’t help but be grateful for what a banner year this has been for BitSight.


Subscribe to get security news and updates in your inbox.