originally appeared on F5.com on 7.29.15.
A recent report from The
Infoblox DNS Threat Index (in conjunction with Internet Identity) shows that
phishing attacks has raised the DNS threat level to a record high of 133 for
second quarter of 2015, up 58% from the same time last year. The biggest factor
for the jump is the creation of malicious domains for phishing attacks.
Malicious domains are all those very believable but fake sites that are used to
mimic real sites to get you to enter sensitive details. You get a phishing
email, you click the link and get sent to a financial site that looks and
operates just like your real bank site. If you're fooled and enter your
credentials or other personal information, you could be giving the bad guys
direct access to your money. These sites can also pretend to be corporate
portals to gather employee credentials for future attacks.
Along with the malicious domains, demand for exploit kits also helped propel
the DNS threat. Exploit kits are those wonderful packaged software that can run,
hidden, on websites and load nasty controls and sniffers on your computer
without you even knowing.
The Infoblox DNS Threat Index has a baseline of 100, which is essentially the
quarterly averages over 2013 and 2014. In the first quarter 2015, the threat
index jumped to 122 and then another 11 ticks for Q2 2015, hitting the high
mark. Phishing was up by 74% in the second quarter and Rod Rasmussen, CTO at
IID, noted that they saw a lot of phishing domains put up in the second quarter.
You'd think after all these years this old trick would die but it is still very
successful for criminals and with domain names costing less than $20 and
available in minutes, it is a cheap investment for a potentially that big
DNS is what translates the names we type into a browser (or mobile app, etc.)
into an IP address so that the resource can be found on the internet. It is one
of the most important components to a functioning internet and as I've noted on
several occasions, something you really do not think about until it isn't
working...or is hacked. Second to http, DNS is one of the most targeted
protocols and is often the source of many attacks. This year alone, the St.
Louis Federal Reserve suffered a DNS breach, Malaysia
Airlines' DNS was hacked, and Lenovo.com
to name a few. In addition, new
exploits are surfacing targeting vulnerable home network routers to divert
people to fake websites and DNS
DDoS is always a favorite for riff-raff. Just yesterday 3 people were sent
to prison in the DNS
With more insecure IoT devices coming on line and relying on DNS for
resolution, this could be the beginning of a wave of DNS related incidents. But
it doesn't have to be. DNS will become even more critical as additional IoT
devices are connected and we want to find them by name. F5 DNS
Solutions, especially DNSSEC
solutions, can help you manage this rapid growth with complete solutions that
increase the speed, availability, scalability, overall security and
intelligently manages global app traffic. At F5 we are so passionate about DNS
hyperscale and security that we are now even more focused with our new BIG-IP DNS (formerly
BIG-IP GTM) solution.
|Connect with Peter:
||Connect with F5: