Home IFTTT Trend Micro Simply Security The Easiest Way to Get the Gold Out of Fort Knox: The Rising Threat of DNS Hacks

The Easiest Way to Get the Gold Out of Fort Knox: The Rising Threat of DNS Hacks

By
Thursday, May 21, 2015
Read
Add Comment

We’ve learned recently that the St. Louis Federal Reserve was the victim of a cyberattack.

It appears to be a classic “watering hole” technique going after victims where they’re known to gather.

What’s notable is that none of the Federal Reserve’s systems, or their network, were compromised. Instead, users of the St. Louis Federal Reserve were redirected to the attacker’s websites by hacking the DNS recorders for the bank. Once at the malicious sites, attackers may have forced malware on to user systems, or intercepted email and other network traffic to acquire sensitive information.

In essence, attackers can potentially get the same information they would by hacking the Federal Reserve’s systems or network without actually having to do so.

Think of it this way – if you wanted to steal the gold from Fort Knox, what’s the easiest way to do it? Would you try to break into the heavily guarded and protected facility? Or would you instead target the more vulnerable trucks that carry the loot?

That’s basically what’s at work here. Attackers are smart and efficient, they’ll always take the easy route.

DNS hacks are a logical response to better system and network security. And, it’s not just the Federal Reserve. Home users could be the victims of this too. Just today one of our own researchers posted about his own experience with his home’s router DNS being hacked.

The lesson is clear – make sure your DNS is as secure as your network and systems. If you own a domain, work with your registrar to make sure only you can make changes. If you run a network (and that includes home broadband and Wi-Fi connections) do whatever you can to ensure that systems and routers linked to trusted DNS. Security products that provide multiple layers of protection that includes web reputation services like Trend Micro™ Internet Security can also help protect against these sorts of attacks.

Please add your thoughts in the comments below or follow me on Twitter; @ChristopherBudd.



from Trend Micro Simply Security http://ift.tt/1HxlfBc
via IFTTT
Tags :

Created By Nexus · Powered by Blogger
© All Rights Reserved

Terms Of Service · Privacy Policy · Disclaimer · Contact Us · About Us