When they proposed the Domain Name System (DNS) in 1983, computer scientists Paul Mockapetris and Jon Postel never intended it to become an attractive means for hackers to commit crimes. As a trust-based communications protocol, the DNS was first implemented in the early 1980s to connect devices to the Internet. It works by mapping domain names to IP addresses.
Unfortunately, it wasn’t long before unscrupulous actors found the protocol’s design and components easy to abuse. Open DNS resolvers abound on the Internet, and the same goes for the exploit kits that criminals can deploy even without any technical knowledge.
Fast forward to 2019, and DNS attacks are on the rise. Anyone could become a victim: in the past month alone, a distributed denial-of-service (DDoS) attack hit the U.K.’s Labour Party. Cloud infrastructure provider Amazon Web Services and antivirus vendor Avast also fell victim to similar attacks.
In the wake of these recent attacks, we rounded up a list of the worst DNS attacks in history, and what possible lessons cybersecurity professionals can glean from them. We also briefly discussed how domain DNS lookup tools like DNS Lookup API can potentially help to prevent such attacks.
Over the past five years, cyber attackers have been ramping up campaigns targeting the Domain Name System (DNS) as a primary attack vector. The reason? The DNS is a critical part of any organization’s operations because it is responsible for properly resolving domain names to IP addresses. In a nutshell, it directs visitors or even potential customers to the right websites.
However, despite the crucial role that DNS servers play, businesses have yet to recognize the need to secure them. Why is that? Let’s take a closer look to answer this question, starting with why DNS attacks are typically successful.
Cyber attackers continuously enhance their tools, tactics, and procedures (TTPs) to remain undetected for as long as they can while in their targets’ networks. Despite the increased sophistication of attacks, however, old techniques die hard and keep causing extensive damage. Case in point: Domain Name System (DNS) hijacking remains a favored attack type among threat actors.
This post provides reasons why cybercriminals never seem to get tired of launching DNS hijacking attacks. We also take a close look at how cyberspies hijacked entire nations’ domains and provide recommendations to potential targets, notably through the use of tools like DNS Lookup API and IP Geolocation API, so they can avoid the same fate as the victims of the Sea Turtle Cyberespionage Campaign.
These days, even large-scale operations suffer from Domain Name System (DNS) flood attacks despite using advanced solutions and subscriptions to the best anti-denial-of-service (DoS) protection services. Attackers always seem to come up with a way to launch distributed DoS (DDoS) attacks of unmatched sizes to take their victims’ sites offline. To date, the worst DDoS attack seen was 1.7 TBps strong. Resulting losses are difficult to ignore, as these range between $120,000 and $2 million.
DNS flood attacks typically employ traffic from various spoofed IP locations. They also mimic legitimate requests, and thus are tricky to diagnose. With large packets involved, incidents can quickly drain resources and take the victim’s platforms offline for hours. DNS floods are classified as layer 7 attacks as they affect application availability within a network...
You might be aware of how much Domain Name System (DNS) attacks can cripple organizations and their online properties. The 2019 Global DNS Threat Report by IDC confirms this, stating that the average cost of a DNS attack has risen by 49% since last year to $1.27 million. Companies also reported that it takes their teams more than a day to fix breaches, thus drastically affecting operations and revenues.
Today, we’ll examine the worst DNS incidents to date and how a DNS reverse lookup tool like DNS Lookup API can help organizations build up domain intelligence against them.
The Domain Name System (DNS) is a fundamental cog in a company’s network. It needs to function seamlessly for an entire network to run like a well-oiled machine; otherwise, it can bring your online portals to a screeching halt.
The problem is that not all organizations are aware of how much of their digital ecosystem relies on a properly configured DNS environment. Most, especially small businesses, are guilty of not monitoring their DNS settings, paving the way for enterprising hackers to exploit undetected vulnerabilities. The DNS attacks featured in this post show the damage that poor DNS hygiene could inflict on businesses. Fortunately, solutions like DNS Lookup API can help.
If you have ever published a blog post, gotten so much flak for it that you ended up taking it down, and still think this makes the problem go away, think again. If your readers have your blog in their RSS feed and click on its link, they will very likely still be able to read a cached version of it.
The same is unfortunately true for domains. Every change a domain goes through is recorded on its historical WHOIS record, made possible by the introduction of passive Domain Name System (DNS) — a means to find out any modification made at some point in time to a specific domain.
As such, any bit of information related to a domain can still be seen via a passive DNS search. And this is the reason why making sure your domain has had no ties to any malicious activity throughout its entire life cycle is important.