How CISOs can Secure DNS from DDoS Attacks to Defend Brand and Profit


As more firms adopt internet-connected devices, cybercriminals see more opportunities for DDoS attacks, which could explain the spike. Companies that integrate unsecured Internet of Things (IoT) devices without proper cybersecurity precautions put themselves at risk and contribute to the surge in DDoS attacks.

According to a 2021 Netscout threat intelligence report, the first half of 2021 saw a record-breaking number of DDoS attacks. This marks an increase of 11% from the previous year’s figure of 5.4 million. This growing frequency is accompanied by ever-evolving attack strategies aimed at identifying exploitable security flaws that allow attackers to gain access.

DDoS attacks are not new, but that does not mean they are not dangerous. In fact, depending on the length of the attack, the financial consequences of overages, a decline in productivity, and lost income due to downtime can run into the hundreds of thousands of dollars for many firms.


The pandemic has increased people’s dependency on digital services for everything from jobs to shopping to leisure, giving attackers rich pickings. As attackers became more interested in causing maximum disruption and potentially damaging the organizations they targeted, they began launching attacks in the hope of being paid to stop.

DDoS and DNS are inextricably linked

Many DDoS attacks seek to inundate a domain name system (DNS) server with queries, causing it to become overwhelmed and unable to respond to valid requests. DNS is one of the layers of the application architecture that attacks may target. These attacks all follow the same plan: if it works, the sheer volume of traffic will render the server, as well as all websites and services connected to it, unreachable or inoperable. To remotely overwhelm the targeted server, “botnets,” or massive groups of compromised devices ranging from home routers to “smart fridges,” are typically deployed.

When it comes to orchestrating cloud services and application traffic, the DNS is the most important control point. Organizations rely on it to deliver high-quality digital services to users at the correct time and place. It’s no coincidence that many of the high-profile organizations targeted by DDoS attacks during the last eighteen months were the ones we relied on the most during the pandemic.

To defend against DDoS attacks, use resiliency, anycast, and filtering

Any company that hosts a website or provides service over the internet is vulnerable to cyber-attack. The goal is to minimize the impact of the attack rather than to prevent it.

Companies can improve their resiliency by implementing always-on, redundant DNS. This means deploying a second DNS network with independent infrastructure that can take over in the event of an attack that compromises the first. Traffic spikes can also be absorbed by overprovisioning or using Dedicated DNS.


Using anycast DNS is another option. It allows DNS requests to be routed to an available server in the event of a resource attack, cloud resource overload, or CDN outage, all of which many providers have encountered in the past year. Furthermore, businesses can use real-time network data to dynamically load balance across resources in the case of traffic surges caused by attacks.

Authentication and access management tools, such as two-factor authentication and single sign-on, are also worth considering. Companies that utilize scripts or APIs to update DNS should employ strong authentication keys and limit key usage to only legitimate sources (i.e., IP whitelisting for DNS registrars, DNS control panels and APIs). Companies can use analytics to track any changes to sensitive DNS records and integrate their DNS vendor’s audit reporting into their SIEM or other monitoring systems.
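
The monitoring described in the paragraph above, as an added example that is not part of the original article: a small filter over a DNS vendor's audit export that flags changes from non-allowlisted sources and changes to sensitive records, and returns JSON-ready alerts for a SIEM. The event field names, the allowlisted networks and the record names are constructed assumptions; real vendor exports differ.

```python
import ipaddress
import json

# Assumed, not from the article: event field names, allowlist, sensitive sets.
ALLOWED_SOURCES = [ipaddress.ip_network(n) for n in ("198.51.100.0/24", "2001:db8:10::/48")]
SENSITIVE_TYPES = {"NS", "MX", "DS", "SOA"}
SENSITIVE_NAMES = {"example.com.", "www.example.com.", "login.example.com."}

# Constructed sample of a DNS vendor's audit export, one JSON object per line.
SAMPLE_AUDIT_LOG = """\
{"ts":"2022-01-10T09:12:03Z","actor":"api-key-ci","src_ip":"198.51.100.23","action":"update","name":"blog.example.com.","type":"CNAME"}
{"ts":"2022-01-10T09:40:51Z","actor":"api-key-ci","src_ip":"203.0.113.77","action":"update","name":"www.example.com.","type":"A"}
{"ts":"2022-01-10T10:02:19Z","actor":"admin@example.com","src_ip":"198.51.100.8","action":"update","name":"example.com.","type":"NS"}
{"ts":"2022-01-10T10:05:44Z","actor":"api-key-old","src_ip":"203.0.113.77","action":"delete","name":"static.example.com.","type":"TXT"}
not-json garbage line
"""

def source_allowed(ip_text):
    """True if the change came from an allowlisted network."""
    try:
        ip = ipaddress.ip_address(ip_text)
    except ValueError:
        return False  # an unparseable source is treated as untrusted
    return any(ip in net for net in ALLOWED_SOURCES)

def review_events(log_text):
    """Return SIEM-ready alerts for risky DNS changes, most severe first."""
    alerts = []
    for lineno, line in enumerate(log_text.splitlines(), 1):
        try:
            ev = json.loads(line)
            if not isinstance(ev, dict):
                raise ValueError("audit event is not a JSON object")
        except ValueError:  # json.JSONDecodeError is a ValueError subclass
            alerts.append({"severity": "low", "reason": "unparseable_audit_line", "line": lineno})
            continue
        reasons = []
        if not source_allowed(str(ev.get("src_ip", ""))):
            reasons.append("source_not_allowlisted")
        if ev.get("type") in SENSITIVE_TYPES or ev.get("name") in SENSITIVE_NAMES:
            reasons.append("sensitive_record_changed")
        if reasons:
            severity = "high" if len(reasons) == 2 else "medium"
            alerts.append({**ev, "severity": severity, "reason": "+".join(reasons), "line": lineno})
    return sorted(alerts, key=lambda a: ("high", "medium", "low").index(a["severity"]))

if __name__ == "__main__":
    for alert in review_events(SAMPLE_AUDIT_LOG):
        print(json.dumps(alert))  # one JSON object per line, ready to forward
```

A change to a sensitive record from an unlisted source ranks highest because it combines both conditions the paragraph asks teams to watch for.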
