On January 22, 2019, The U.S. Department of Homeland Security, DHS, Cybersecurity and Infrastructure Security Agency, CISA, issued an emergency directive. This emergency directive was put into place to address ongoing problems and issues associated with global Domain Name System, or DNS, infrastructure tampering. As a business owner or executive in charge of a business, you may have many questions about this and how it can affect your business. Here is what you need to know about DNS infrastructure tampering.
DNS infrastructure tampering involves techniques that allows an attacker access to your DNS. They are able to compromise a users’ credentials, allowing them to make changes to DNS records. Once the records are changed and altered, it allows an attacker the ability to access and intercept many things related to the network, including but not limited to your web address, your mail traffic and web traffic. An attacker can take that information and redirect incoming traffic to an unsafe website that may contain viruses or may collect information about your customer or business. When the attacker accesses your DNS, they also have access to encryption certificates, which allows certain information to be decrypted. And unfortunately, since the certificate is valid, your users will receive no error warnings that the certificate is outdated, so they may feel safe putting in personal information.
When an attacker tampers with your DNS infrastructure, they basically hi-jack your website. They can control incoming traffic, control where that traffic goes, and see personal information, such as names and credit card numbers. Unfortunately, if your page is hijacked, you have to tell your customers that their personal information may have been compromised, which reflects poorly on you. Your customers and clients expect you to keep your page safe for them, and if you fail to do so, it can be detrimental to your business.
It can be difficult to determine if your DNS infrastructure has been tampered with unless you take the time to carefully review your DNS certificates. It is recommended that you take the time to audit your DNS records, change your DNS account passwords to more complex passwords and add multi-factor authentication to all of your DNS accounts. This should be done within 10 days, as the threat level for DNS infrastructure tampering is so high. This should also routinely be done in the future to ensure your DNS certificates have not been tampered with.
DNS infrastructure tampering can create a security threat to your business. It can negatively affect your business website, and any websites that those within your business frequently visit and interact with. Fortunately, there are steps you can take to help decrease the risk of DNS infrastructure tampering and protect your business. Having the right IT team in place and learning about security threats is imperative to keeping your business safe from threats at all times.
Thanks for helping us upgrade our Macs and get them working exactly as our business needs! Fast, convenient and very knowledgeable! You’re the best!
Alary Technologies has been our IT support team for the past year at the START Clinic for Mood and Anxiety Disorders. They have done a excellent job in upgrading our system, organization, and supporting us in technical computer matters. Compared to other IT companies we have worked with, Alary Technologies comes on top. Ahmed Kufaishi the Managing Director at Alary Technologies is solution focused, knowledgeable and makes an effort to really understand his clients’ needs. It has been a pleasure to work with Ahmed and Alary Technologies. I would recommend their services to other companies and clinics.
“We continue to work with Alary Technologies due to the fact that they are quite educated and knowledge based with current upgrades, and their commitment to their customers.”
Ahmed has been providing our company with expert IT services for close to 3 years. He has guided us through hardware upgrades, server back up procedures and was instrumental in brokering a custom software program that fully automated some key functions in our business. Ahmed has always been thoroughly professional in all his dealings with us and has provided consistent and sound advise for all of our IT requirements. We consider Ahmed and Alary Technologies to be an important partner for our business.
It is refreshing to work with someone who can organize things and describe in plain language. I have a large and growing knowledge base for my work as an architect. I have realized that I can’t do everything, that I do need a team member who can look after this one relatively small by crucial part of my practice.