|
Just as we started the new year, the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency’s (CISA) issued an alert. On January 6, 2020 , they warned of domain name system (DNS) hijacking and other cyber threats that may be used by nation-state threat actors to disrupt business activity and take control of vital internet assets. A familiar refrain heard in 2019 now repeating in 2020.
If your reaction to this is “what is DNS hijacking?” or “when did we last review our domain name portfolio with a view to mitigating this threat?,” here’s what you need to know:
DNS hijacking is when a cybercriminal or hacker (in this case, potentially state-sponsored) diverts website visitors to a defaced website, or a fraudulent one, to steal login credentials and confidential data. Information can also be harvested from inbound emails, then used to launch sophisticated phishing attacks on customers and employees using a company’s own domains to make the phish appear legitimate. This poses a threat as not only a serious data breach and a privacy nightmare, but also a business continuity risk.
There are three reasons it’s essential to review your domain lock portfolio regularly, comprising registry and registrar locks, and especially now:
To understand more about DNS hijacking and locks as a control measure, I’ve also written a post about the various types of domain locks and its effectiveness.
Sponsored byIPv4.Global
Sponsored byVerisign
Sponsored byWhoisXML API
Sponsored byRadix
Sponsored byDNIB.com
Sponsored byCSC
Sponsored byVerisign