The Department of Homeland Security (DHS) issued a warning across all government agencies earlier in January.
The Department of Homeland Security (DHS) issued a warning across all government agencies earlier in January.
Their message?
A directive requiring each and every agency to take actions to prevent Domain Name System (DNS) hijacking attacks.
What exactly is DNS?
You can kind of think the Domain Name System (DNS) as the internet’s phone book. When you open your browser and type in www.google.com to search for events going on in Philadelphia this weekend, you are actually accessing information through this phonebook. When typing in google.com you are essentially looking up Google’s domain.
DNS translates that name (www.google.com) to a number—a specific address on the internet—to make sure you are directed to the right place. Just like when looking up the phone number to your local dry cleaners, the web has a list of names and associated numbers (which IT folks like to refer as Internet Protocol or IP addresses). It translates that domain name—the one you type into your browser—to an IP address so that the page can load on your screen.
I’m sure you might have had to rattle off a long string of numbers for your printer or computer when having to deal with IT Support before. Maybe it looked like 192.168.1.1? Instead of having to know these long numbers, the internet has translators that associate a name (or a web address) to that IP address.
So… why are DNS attacks a big deal?
Recently, DHS issued a rare “emergency directive” warning that multiple government domains—and possibly domains for other organizations—have been targeted by DNS hijacking attacks, allowing attackers to redirect web and mail traffic.
While this is serious for government organizations, it certainly is serious for your organization as well! If a hijacker were to get ahold of your email, control it, edit it, exploit it, couldn’t you imagine all of the pain and suffering it could cause you?
What about clients, donors, or others invested in your organization?
There have been multiple recent attacks where hackers take over mail accounts of VIPs, edit messages slightly and end up getting bank wires along the lines of nearly a quarter million dollars. The owners of those email accounts were none the wiser until weeks after the attack was finished. Law enforcement has not been able to track the criminals involved and that money has long left the victimized bank accounts.
A quarter of a million dollars is on the small side of an attack like this. Your organization could be footing much steeper sums if an attack goes undetected—and with DNS attacks, many organizations are ill-prepared to understand whether they’re susceptible or even realize that they’ve fallen for the attack!
My question to you: will your network be next?
Now that government organizations are in full swing (the shutdown has long ended) and are diligently fixing their DNS problems, who do you think these criminals—who are armed with tools to penetrate and hijack your website and email—will target next?
My guess (along with others in the cybersecurity field) are worried that organizations that might have pushed off taking care of their security or who haven’t done much to protect themselves and clients from growing attacks are the most vulnerable to these attacks.
The easiest way to make sure you’re not in that group? Experts recommend completing a network vulnerability assessment.
Department of Homeland Security (DHS) issued a warning across all government agencies earlier in January.
Their message?
A directive requiring each and every agency to take actions to prevent Domain Name System (DNS) hijacking attacks.
What exactly is DNS?
You can kind of think the Domain Name System (DNS) as the internet’s phone book. When you open your browser and type in www.google.com to search for events going on in Philadelphia this weekend, you are actually accessing information through this phonebook. When typing in google.com you are essentially looking up Google’s domain.
DNS translates that name (www.google.com) to a number—a specific address on the internet—to make sure you are directed to the right place. Just like when looking up the phone number to your local dry cleaners, the web has a list of names and associated numbers (which IT folks like to refer as Internet Protocol or IP addresses). It translates that domain name—the one you type into your browser—to an IP address so that the page can load on your screen.
I’m sure you might have had to rattle off a long string of numbers for your printer or computer when having to deal with IT Support before. Maybe it looked like 192.168.1.1? Instead of having to know these long numbers, the internet has translators that associate a name (or a web address) to that IP address.
So… why are DNS attacks a big deal?
Recently, DHS issued a rare “emergency directive” warning that multiple government domains—and possibly domains for other organizations—have been targeted by DNS hijacking attacks, allowing attackers to redirect web and mail traffic.
While this is serious for government organizations, it certainly is serious for your organization as well! If a hijacker were to get ahold of your email, control it, edit it, exploit it, couldn’t you imagine all of the pain and suffering it could cause you?
What about clients, donors, or others invested in your organization?
There have been multiple recent attacks where hackers take over mail accounts of VIPs, edit messages slightly and end up getting bank wires along the lines of nearly a quarter million dollars. The owners of those email accounts were none the wiser until weeks after the attack was finished. Law enforcement has not been able to track the criminals involved and that money has long left the victimized bank accounts.
A quarter of a million dollars is on the small side of an attack like this. Your organization could be footing much steeper sums if an attack goes undetected—and with DNS attacks, many organizations are ill-prepared to understand whether they’re susceptible or even realize that they’ve fallen for the attack!
My question to you: will your network be next?
Now that government organizations are in full swing (the shutdown has long ended) and are diligently fixing their DNS problems, who do you think these criminals—who are armed with tools to penetrate and hijack your website and email—will target next?
My guess (along with others in the cybersecurity field) are worried that organizations that might have pushed off taking care of their security or who haven’t done much to protect themselves and clients from growing attacks are the most vulnerable to these attacks.
The easiest way to make sure you’re not in that group? Experts recommend completing a network vulnerability assessment.