 |
Domain Name Service (DNS) is a critical part of any organization’s digital infrastructure, but it’s also one of the least understood. DNS is designed to be invisible to business professionals, IT stakeholders, and many security professionals, but DNS’s threat surface is large and widely targeted. Attackers are causing a great deal of damage with an array of attacks such as denial of service, DNS cache poisoning, DNS hijackin, DNS tunneling, and DNS dangling. They are using DNS infrastructure to take control of inbound and outbound communications and preventing users from accessing the applications they are looking for. To stop attacks on DNS, security teams need to shore up the organization’s security hygiene around DNS infrastructure, implement controls such as DNSSEC, and monitor DNS traffic for potentially malicious activity. Security teams should regularly review DNS configuration and zone records, and use DNS-specific tools such as DNS firewalls, DNS sinkholes, and DNS monitoring and analytics platforms. Investing in strong DNS monitoring and visibility capabilities can also help security teams get a handle on not only DNS attacks but also a host of security incidents across the entire IT infrastructure. Because DNS security touches so many IT specialties, organizations should also consider creating cross-disciplinary teams and work with stakeholders among these teams. |
