CISOs Preparing for DNS Attacks Over Christmas

  • Just around a few-quarters of cybersecurity gurus have said they anticipate to see an enhance in DNS-connected security threats in excess of the subsequent handful of months.

    In preparing, 3 in 5 (59%) have altered their DNS security solutions in the run up to the holiday break year, in accordance to a new report from the Neustar Intercontinental Security Council (NISC).

    Nevertheless, 29% have reservations all around their capacity to respond to DNS attacks, likely attributed to the shifting and intricate DNS danger landscape, as some buyers admitted to getting been strike by at the very least one DNS attack in the earlier yr, such as DNS spoofing/cache poisoning (28%), DNS tunneling (16%) and zombie domain attacks (15%).

    “Acting as the internet’s tackle ebook and spine of today’s digital services, it’s unsurprising that DNS is an progressively interesting vector for malicious actors, significantly as a lot more shoppers turn to internet websites throughout peak online shopping intervals,” reported Rodney Joffe, chairman of NISC, SVP and fellow, Neustar.

    “When prosperous, DNS assaults can have harmful repercussions to an organization’s online existence, model and reputation. A area hijacking attack, for example, can result in hackers getting control of a company’s domain and making use of it to host malware or start phishing campaigns that evade spam filters and other reputational protections. In a worst-circumstance circumstance, this type of attack can even direct to an group dropping its area completely.”

    In an email to Infosecurity, Jack Mannino, CEO at nVisium, flagged the danger of DNS tunneling as getting a well-liked exfiltration technique “because DNS is regularly permitted for egress website traffic.”

    Mannino reported: “Understanding your DNS site visitors and getting visibility into assaults is vital simply because quite a few command and command programs use DNS for this reason, and attackers can exfiltrate information more than the protocol by way of attacks like SQL injection as properly, evading firewalls and filtering appliances.”

    Through September and October 2020, DDoS (22%) was ranked as the best issue for security experts, adopted by system compromise (19%) and ransomware (17%). During this interval, companies have targeted most on increasing their capacity to respond to vendor or client impersonation (58%), targeted hacking (54%) and IP handle hacking (52%).

    Joffe mentioned it was positive that businesses are conscious of the severity of DNS attacks, but it is also important that they proceed to acquire proactive measures to protect them selves and their shoppers from the unique threats.

    “This really should contain regular DNS audits and regular monitoring to make certain a extensive knowing of all DNS targeted visitors and action,” he explained.

    “Crucially, DNS information can also supply corporations with well timed, actionable and crucial risk insights, enabling them to not only safeguard in opposition to DNS-associated threats, but also mitigate the vast the vast majority of malware, viruses and suspicious content in advance of critical techniques are infiltrated.”