DNS security needs to be at the forefront of every discussion about network security. DNS attacks are more common than most people realize and failures in DNS security can be crippling to an organization. How much money does an organization lose every hour that it is unreachable via email? How about when a fully functioning web site is invisible to the Internet, or worse visitors to a web site are redirected to a malicious web site? A 2014 study done by Vanson Bourne found that 75% of organizations in the United States and the United Kingdom had been impacted by a DNS attack and 49% had uncovered some sort of DNS-based attack in the previous 12 months. So, DNS attacks are prevalent, but they are not necessarily getting the attention they deserve.
A targeted DNS attack can take many forms, depending on the intention of the attacker. If the intention of the attacker is to redirect DNS services away from an organization, then the attacker may not even target that organization's DNS servers directly. In fact, if an attacker wants to take over a domain - also known as domain hijacking a direct attack against an organization's DNS servers is often the last resort.
Read MoreA domain hijacker will take advantage of weak DNS security practices within an organization or that organization's registrar to assume ownership of a domain name. Generally, this involves some sort of social engineering. Social engineering is a form of attack that involves manipulating people rather than data. An attacker will take advantage of the willingness of people to share information, even if that information is sensitive...
