A white paper for black hat hackers looking to exploit DNS (the Domain Name System) has been released by Infoblox, an automated network control company. Titled “A cybercriminal’s guide to exploiting DNS for fun and profit” the paper aims to raise awareness of the techniques hackers use to compromise DNS. DNS exploits have risen 200 per cent from 2012 to 2013 according to one study, making them the fastest growing category of cyber threats.
Parties interested in the white paper might include businesspeople hoping to take out the competition, hacktivists with a grudge against an organisation, an ex-employee looking to settle a score with their former employer, or a hacker wishing to extort money from a company keen to get its website back online.
As the paper says: “Most people with online connections are happy using the Internet for “traditional” applications… But for you – one of an elite group of cybercriminals, “black hat” hackers and other Internet super-users – the Web has much, much more to offer.”
Although the paper omits many of the technical details necessary to launch a DNS attack, it notes that this information is readily available to those interested, via forums, chat rooms and other online resources. The availability of this information plus the relative ease with which attackers can target DNS means that companies must take care to protect themselves, according to the IT firm. The white paper covers:
The number of potential DNS threats and the damage they can do to your network
Inadequacies of existing security solutions that claim to protect your DNS but really leave it vulnerable
A new and effective way to protect against DNS-based threats—and continue to respond to legitimate queries even if your servers are under attack.
To download a free copy of the white paper visit the Infoblox website (http://www.infoblox.com/downloads/resources/cybercriminals-guide-exploiting-dns-fun-profit).
