In 1992, librarian Jean Armour Polly coined the phrase “surfing the Internet” and for anyone that has since ridden its waves of data and information, chances are you have come across the term DNS. Today, the domain name system (DNS) is one of the foundations of the Internet, working quietly in the background to ensure smooth navigation in this space.
But before DNS, navigating the Internet was a gruelling task. In the early days, messages were manually sent from network to network, using a series of IP addresses. The rapid growth of the Internet caused massive problems when it came to maintaining records of these addresses and, given there are now over 360 million domain name registrations, this method was unsustainable.
To address this issue, the DNS was created to provide an easy way of navigating the Internet and connecting users to websites – using domain names. Now, instead of humans acting as a switchboard for the Internet, the DNS is there to direct them to where they need to go.
But what does DNS mean (opens in new tab), and what role does it play in keeping organisations protected?
Introducing the Domain Name System
The Domain Name System (DNS) is the hierarchical decentralized naming system, created over thirty-five years ago to provide interconnectivity between online systems and the routing protocols for Internet traffic. In other words, every device connected to the Internet has its own unique IP address.
The DNS makes it possible to input normal words into your browser, without having to memorize long and often complex IP addresses. Essentially, a DNS server (opens in new tab) is a database full of public IP addresses and it acts like a phone book of the Internet, with entries added, deleted, and amended in real-time every second in a transparent manner.
Whenever you type a domain name in your URL bar, the DNS will find the corresponding IP address and direct you to where you need to go. So why is it important? DNS can be considered one of the cornerstones of the Internet. After all, if a DNS can’t find the correct IP address, you simply won’t be able to access the website you’re looking for.
However, the foundational importance of the DNS makes it a major target for criminals and there is an ever-present and increasing threat to businesses of all sizes. The loss of control of a critical domain name or a website being unavailable even for a short period will cause revenue and reputational damage for organizations.
Volume and variety of DNS attacks increased
Over the last two years, we’ve seen a huge rise in the demand for bandwidth, as the world adapts to new ways of working; with the DNS system now handling over 2 trillion queries every day. But alongside an increase in legitimate DNS queries, there has been an unwelcome increase in malicious activity, with criminals looking to compromise DNS infrastructure for their own personal and financial gain.
There has been a significant rise in DDoS attacks (opens in new tab). These attacks target the DNS infrastructure of organizations or DNS providers with huge volumes of DNS queries to prevent legitimate requests from reaching web servers and accessing websites and online services.
While the nature of attacks has changed, the traditional threat of DNS hijacking or cache poisoning is still a real and legitimate threat. These attacks are based on criminals gaining access to DNS databases and changing the IP address so that legitimate website traffic using a particular domain name is redirected to another website, often without the user recognizing there is an issue. Recently, cryptocurrency exchange Curve Finance was the victim of hackers hijacking its DNS. The company lost over $570,000 to criminals who redirected its traffic to their own website.
Organizations must ensure that key infrastructure is protected in a world of increasing digital threats. Having robust security policies that encompass the use, and protection, of domain names as key digital assets is vital.
Protecting your websites from attack
It is crucial for every business to understand how their domain names are being used. Many will be utilized in a way to generate revenue, increase perception and reputation, or support critical infrastructure. But it may not always be apparent to internal stakeholders that a domain is no longer resolving to the correct website, or even at all.
DNS Traffic Analysis, for example, is a great way to ensure that every domain redirects to where it should, highlighting anomalies that can be quickly corrected and aligned with the domain name policy.
Analyzing the data will also highlight those high-traffic domain names which may need enhanced functionality, prioritization, and security management. It is worth identifying these key domains and evaluating the use of registry level locking, email security records, and DNSSEC.
While the priority of DNS is to ensure that domain names are directed to the correct web content, enterprise providers will also offer proactive threat monitoring and intelligence that keeps the most critical domain names present and protected. Having robust security policies that encompass the use, and protection, of domain names as key digital assets is critical as major DNS outages or security incidents are now headline news for all the wrong reasons.
These types of events damage not only revenue but the reputations of organisations. This is why choosing an enterprise DNS partner which has a globally distributed network of DNS nodes is key. Using enterprise-grade DNS ensures that critical domain names that support websites, online applications and email addresses continue to function, even if there is a DDoS attack on the network.
DNS services come in all shapes and forms. At their heart they ensure domain names direct to where they should. The key test comes when the network is put under stress, either by an increase in legitimate traffic or by nefarious sources. For many organizations, the question is can they afford to risk their domain names ceasing to function due to the limitations of their DNS network.
Auditing DNS on a regular basis is now considered best practice. Working with a domain security expert will provide you with forensic analysis and trusted recommendations to ensure domain names are adding to revenue and reputations rather than headaches and security concerns.