03-17-2014 04:58 PM
Late last August, some visitors to the New York Times website received an unexpected surprise - the website was down.
The source of the interruption was not a power outage or even a denial-of-service attack. Instead, it was a battle against a DNS hijacking attempt believed to be connected to hacktivsts with the Syrian Electronic Army.
The attack was one of several in 2013 that focused on DNS (domain name system) infrastructure, and security experts don't expect this year to be all that different - meaning organizations need to stay aware of DNS security threats.
Just last month, domain registrar and hosting provider Namecheap was hit with a distributed denial-of-service (DDoS) attack targeting its DNS platform that impacted roughly 300 sites. Beyond DDoS, attackers can also compromise a ame server and redirect DNS queries to a name server under their control.
"DNS providers are often targets of attack because they are a central point for disrupting all services, web, mail, chat, etc. for an organization," said Michael Hamelin, lead X-Force security architect at IBM. "The DNS server is the roadmap for the Internet, and once disrupted, services that are the lifeblood of the organization such as web, mail, and chat become inaccessible. If a DNS provider goes down, it could mean that thousands of customers have their digital presence temporarily erased."