As cybercriminals look for new ways to attack organizations, the National Security Agency takes a hard look at how DNS can be manipulated and makes recommendations on how to secure it.
The bad guys are spending a lot of time focusing on the specifics of how network communications work, looking for ways to hijack, reroute, obfuscate, and overall utilize your network and its configuration as an asset to help make their cyberattacks more successful.
According to a newly release report by the NSA , organizations today need to include DNS in their list of security concerns. Cyber attackers work to both eavesdrop and manipulate DNS traffic as part of attacks. The NSA makes three recommendations in this report:
While these changes in how your organization leverages DNS are intended to help to quickly and easily secure this portion of network communications, creating a more secure stance against cyberattacks, the reality is this may be one of those solutions looking for a problem. Sure, it’s possible that DNS traffic could be impacted by a man-in-the-middle DNS attack, but historically, DNS has only been used as a tunnel to move malicious traffic, or by modifying DNS client settings to point to malicious DNS servers.
I’m all for making the organization more secure, so as long as implementing the NSA’s recommendations are easy enough, sure – go ahead. But I wouldn’t necessarily put too much emphasis on this as an attack vector that requires all of your attention.
The new KCM GRC platform helps you get your audits done in half the time, is easy to use, and is surprisingly affordable. No more: “UGH, is it that time again!”
With KCM GRC you can:
NSA Warns Against Using Third-Party DNS and Encourages DNS Over HTTPS bigbase1net, cvv-shopws