Not Properly Securing Your DNS Is Like Leaving Your Key In The Door

The Domain Name System (DNS) is an unseen yet essential part of how we carry out our day to day business in today's always-connected world. It converts what humans see as random numbers (IP addresses) into readable domains to navigate the online landscape in mere milliseconds.

Be it for accessing websites online, internal database or file servers or even work-related emails, DNS is the mechanism that's working in the background to make it all happen. In short, all your internet traffic flows through your DNS.

What happens when that very mechanism is compromised or disabled in some way?

You won't be able to get to any websites or emails or even be able to send out messages on text apps. If you're running any internet-facing or cloud services, they will be rendered inaccessible to customers as well. In the worst-case scenario, those who manage to gain control of your DNS will be able to carry out a myriad of nefarious deeds without you even knowing.

For example, they could redirect network traffic to any server or site that they like, access all of your inbound emails, capture login credentials and other sensitive information.

The DNS is a trusted protocol because every router, switch, and other network devices have an access list that allows DNS. You can’t work without DNS and block it.

Even if you have invested in a decent amount of cybersecurity protection to mitigate online threats like malware and zero-day attacks from infecting your devices and systems, not protecting your DNS is akin to leaving your key in the door and giving outsiders free rein into your premises.

Cybercriminals are aware of this. So much so that DNS has become the second most targeted service for application-layer attacks in recent years. Cybercriminals can weaponise the DNS to be a covert mechanism and use malware to get information by passing off as DNS queries, bypassing all security controls.

It's not merely about stealing data either. By flooding the DNS with traffic, an attacker can carry out a denial of service attack that could bring down your whole network or reduce it to a crawl. Cybersecurity vendors agree that about 95% of malware attacks come through an organisation's DNS because it's a trusted protocol.

To prevent your DNS from being exploited, attacked or hijacked, businesses have to take preventative measures by having a reliable DNS security solution in place before it's too late. The only way to protect a DNS infrastructure is to have these evasive manoeuvres and intelligence inside DNS because you need to be able to terminate the DNS query to know what's going on.

Infoblox Advanced DNS Protection (ADP) was designed to reduce business disruptions caused by known DNS-based attacks and adapt to new and evolving threats that target your DNS. It also provides a single pane of glass visibility into attack points across the network and attack sources, supplying your organisation with the intelligence necessary for efficient threat management.

It is currently the only solution that lets you defend against the broadest range of external and internal DNS based attacks while maintaining service continuity.

For further information on Infoblox ADP and its flexible and cost-effective deployment options, click here.

share us your thought

0 Comment Log in or register to post comments