DNS (Domain Name System) servers work by translating IP addresses into domain names. For this reason, you only need to typewww.kitedistribution.co.uk into your browser to visit our website, rather than trying to remember 213.171.222.105
Why the hackers hack DNS?
You may have noticed that more and more high profile DNS attacks are being publicised in the media each week. These breaches are happening to some of the major banks, public sectors, service providers and media entertainment companies where security is paramount, demonstrating the threat posed to all businesses. This increased notoriety is not surprising as DNS attacks rose by 216% in 2014 alone making it the second largest target vector for all DDoS attacks. The surge in hackers targeting DNS is due to it’s very nature; conventional DNS servers do not have a mechanism for blocking queries destined for malicious domains.
How the hackers hack DNS?
Once the DNS server has been impaired, the hacker utilises it in one of two ways; firstly, they can redirect all incoming traffic to another server of their choice – they can then perform further attacks and record traffic logs containing sensitive information. Secondly they can exploit the business’ email and identity, by capturing emails and sending emails from their domain. There are many types of DNS attacks Figure 2 presents the top attacks. Get a Free DNS Assessment of your network here.
Your DNS is too valuable to be vulnerable.
Attacks lead to catastrophic systems failures, business downtime loss of revenue, confidential information, reputation, customers and productivity. 46% of large business have experienced DNS exfiltration, do you know if your DNS is secure?
Find out if your DNS is secure?
Get a free Infoblox DNS Assessment here and find the malware and APTs lurking in your network.
The Assessment: Once you have registered an Infoblox SE will get in touch to advise you on how to complete the assessment. It will be a non-intrusive sample packet capture of your DNS traffic using Wireshark (or similar), no kit will be deployed on your site, simply upload a sample of your DNS traffic to a secure drop box and we will send you a detailed report on the malware or advanced persistent threats identified on your network, giving you more visibility and control of your business’ security.
Written by Sandie Ibanez Leach at Kite Distribution
Sources:
- Prolexic Quarterly Global DDoS Attack Report, Q4, 2013.
- Prolexic Quarterly Global DDoS Attack Report, Q1 and Q2, 2014.
- 2014 Arbor Networks.
- Three types of DNS attacks and how to deal with them, Aug 28, 2013, csoonline.com.
- The rising tide of DNS threats, Infographic, Infoblox 2014.
- The rising tide of DNS threats, Infographic, Infoblox 2014.
- Don’t just scratch the surface when securing Internal DNS, Infographic, Infoblox 2015.
- DNS attacks putting organizations at risk, survey finds, SC Magazine, December 23, 2014.
