CYBER CRIMINALS ARE COMPROMISING YOUR DOMAIN NAMES AND DNS
Domain name and domain name system (DNS) hijacking is serious, becoming more prevalent, and can cost you money and your reputation. It enables a third party to forward your company's web visitors to fake websites to steal login credentials and confidential data. DNS hijackers can also harvest information from inbound company emails, then launch sophisticated phishing attacks on customers and staff using a company's own domains to make the attack appear legitimate. This is not only a serious data risk, but a privacy nightmare, especially in light of more stringent government privacy policies, like the EU General Data Protection Regulation (GDPR).
HOW DO CYBER CRIMINALS ATTACK DNS?
At a basic level, the DNS serves as the internet's address book. It's responsible for translating the domain name an individual enters into a corresponding IP address (a unique string of numbers) that web browsers use to identify where traffic is trying to go. This process, like other protocols, may not be highly visible, but underpins the entire function of the public internet. Therefore, malicious efforts to corrupt or otherwise exploit the DNS not only threaten to harm individual users and organizations, but can also jeopardize overall trust and confidence in the internet itself.
THREE ATTACK VECTORS USED FOR DNS HIJACKING
Recent analysis from KrebsOnSecurity, Does Your Domain Have a Registry Lock?, underscores the global scale of this threat. Similarly, research from CSC showed that 78% of the world's most valuable companies have not implemented key domain name security measures, such as a domain registry lock. The research demonstrates that this is a systemic problem that has the potential to compromise organizations of all sizes, geographic locations, and sectors.
DOMAIN SHADOWING: A MORE CUNNING ATTACK
Cyber criminals can change the zone files of a domain instead of altering the nameservers. They usually leave the website intact and add a subdomain to the zone file that can be used in a phishing attack.
RECOMMENDATIONS TO MITIGATE THE RISK
1. Incorporate secure domain, DNS, and digital certificate practices into your overall cyber security posture
2. Use a defense in depth strategy to secure your domains, DNS, and digital certificates
3. Proactively identify, understand, and employ the appropriate security measures for your vital domain names (CSC Security CenterSM)
4. Domain-based message authentication, reporting, and conformance (DMARC)
Learn more about how CSC can help you to secure your domains, DNS, and digital certificates.
CSC THOUGHT LEADERSHIP
BLOG
DNS: The Growing Threat of DNS Hijacking and Domain Shadowing
In this post, we take a deep dive into DNS hijacking as well as domain shadowing.
BLOG
Global DNS Hijacking and How CSC Secures Your Digital Assets
In the world of cyber crime, the news never seems to cease. In fact, two recent news stories detail domain name system (DNS) hijacking.
PRESS RELEASE
CSC Alerts Companies to Increased DNS Hijacking
Security learnings from the latest incidents.
WE'RE READY TO TALK
CSC can help you manage the risks of DNS hijacking. CSC Security Center deploys advanced proprietary algorithms to expose security blind spots that make you susceptible to attack. Hundreds of the world's largest companies use our security services—such as MultiLock and two-factor authentication—to protect their organization and brands. These solutions offer the most compelling method to minimize your risk in the event of an attack.