DNSDNS SecurityGDPRInternet of ThingsPrivacy LawsIs your DNS Security Ready for the NIS 2 Directive? The Clock is Ticking!The NIS 2 directive underscores the importance of robust DNS security to uphold internet integrity, highlighting DNS’s critical role in digital infrastructure and vulnerability to cyber threats. Implementing a Protective DNS Security solution combined with DNS-centric threat intelligence and other security measures is essential for organizations to improve defenses, minimize cyber risks, and ensure compliance with new standards set by NIS 2, thereby maintaining internet stability and security. Let’s take a closer look. NIS 2: What’s next? The year ahead...
DDIDNSDNS RFCs: The Elephant in the Room – Part 2As stated in Part 1 of this series, DNS RFCs have a great impact on how DNS operates. It comes with a risk factor and can impact security. In this second part, we will continue to discuss the impact and provide some food for thought on how to deal with it. DNS is a clear Favorite – Everyone, and I mean EVERYONE loves it! DNS has had more than 25 years to mature, and with that, also the bad actors that want...
DNSDNS SecurityHow DNS Security Protects the Most Targeted Industry: TelecomsThe past year has only increased the pressure placed upon the telecoms and media industry as companies continue their transition to the hybrid working model post pandemic and organizations continue to implement 5G. The rise in demand has left mobile operators and ISPs increasingly prone to threat actors using DNS to target the industry. The impacts of these cyber threats are felt globally, as telecoms provide the infrastructure needed to go about our daily lives, from our work to our...
DDIDNSWhy Using DoH is QuestionableDoH (DNS over HTTPS) is an interesting solution for securing the transport of DNS traffic up to the first resolver. But is it required? What are the drawbacks? Do we really need it? Can we trust its usage and the DoH providers currently available? After a few months of intensive usage, some are pushing the message that in the context of an organization DoH is an important subject for I&O teams and more generally for the CISO & CIO to...
DNSDNS SecurityWhy SAD DNS Isn’t So Sad with SOLIDserverDNS is at the middle of any communication intent, making it a popular target for threat actors, who always manage to find new ways to attack such a critical service. Sometimes, it is not the engine itself which is faulty, but another piece of the communication chain. Being able to manipulate a DNS record in a recursive cache is very powerful as it allows forwarding traffic to a different place than the expected one – leaving an open door to...
DDIDNSDNS SecurityDNS over TLS for Improved PrivacyFor various reasons, DNS transport could be secured through encryption, with DNS over TLS (aka DoT) being one obvious solution to increase user security. User privacy reached the DNS area some while ago – we have seen a massive move from browser solutions to the adoption and more importantly the usage of secured DNS by applying, in some countries, an automatic switch to encrypted transport. DNS is business-critical so has to be secured Why is securing DNS so important? Mostly...
DDIDNSDNS SecurityIPAMVirtualization & Cloud2019: The Year That Saw Cost Per DNS Attack Soar Past $1MFor organizations globally, across all industries, cybersecurity was once more one of the hottest topics of the year. The SonicWall report states that in just the first nine months 7.2 billion malware attacks were launched, with IoT malware worryingly increasing by 33% to 25 million. As the frequency of attacks continued to increase, DNS remained a favorite target, as well as an attack vector (91% of malware are using DNS). The IDC 2019 Global DNS Threat Report revealed 82% of...
DNSDNS SecurityWhy Protecting DNS Requires More Than Firewalls(This week’s blog article was originally published in March 2017, but still rings true today). Way back when, in the early days of the Internet, all we needed to protect our systems was a firewall. You’d set up a Nokia box or a Cisco PIX, enable a few rules, and walk away, safe in the knowledge that your servers and services were protected. But the world has changed, and despite the hard work of the firewall vendors, the threat landscape...
DDIDNSDNS SecurityWhy You Shouldn’t Rush Into DoHWhile being a core component of the Internet, DNS remains one of the least secure protocols in active use. DNS security is a long-standing debate, with DNS privacy a much more recent matter and a source of division among the security community. Indeed, privacy matters and must weigh in the balance when considering DNS security. However, security is not only about confidentiality. Protocols such as DNS over TLS or DND over HTTPS must be leveraged wisely to strengthen network security,...
DNSDNS SecurityWorried About DNS Hijacking? DNSSEC Can HelpMost of the time, DNS is seen as a commodity, but the service it provides on the Internet and within enterprise networks is so crucial that any interruption will have huge impacts. In recent weeks there’s been a lot of news about DNS hijacking and massive attacks on institutional organizations. As a consequence, various pieces of advice have been offered by different media outlets, ranging from purely technical to mainstream public media. But when trying to explain DNS hijacking to...