What is DNS?
DNS is an abbreviation for “Domain Name System.” It is an address book for the internet. Without DNS, the internet would be as difficult to navigate as a city with no name and no addresses.
For business owners, purchasing a domain name was probably the first task you completed after dreaming up a business model. Once it is set up, DNS just works, so it is understandable if you haven’t given your DNS records a second thought for months or even years.
Why should I worry about DNS now?
Problems arise when old DNS records are left exposed. Failing to audit and verify DNS records can put your organization and brand at significant risk.
For example: In June, a researcher discovered a glaring security error committed by Microsoft. Old DNS records Microsoft left behind (IP addresses that Microsoft no longer uses) were exposed. With this information a hacker could gain access to any user of Outlook.com, the Microsoft Store, and Sway [Ref. 1, 2].
Around the same time, ThousandEyes, a global network monitoring company, fell prey to a similar attack. They left behind stale DNS records that attackers leveraged in phishing campaigns. The attackers established trusted certificates, had their content spread across Google, and used ThousandEyes’ reputation and brand to dupe unsuspecting victims [Rev. 3].
If this type of attack can happen to Microsoft and ThousandEyes, it can happen to you. If your DNS service is compromised, it can take days to fix. Even worse: this sort of attack can do irreparable damage to your brand reputation.
What can I do?
The good news is: three easy steps will safeguard your business from this catastrophe!
ISOutsource recommends an annual review at minimum (quarterly preferred) of external DNS records. We also recommend that you establish processes to remove DNS records upon service decommission. Additionally, we recommend using strong passwords (25+ characters) and two-factor authentication with your domain registrar and DNS providers.
For an overview of DNS, DNS Made Easy™ has put together a great video explaining how DNS works.
Let us know if we can help!
[gravityform id="1" title="false" description="false"]