The DNS is essentially the system that enables users to connect to websites. It is a directory of websites matched with their designated Internet Protocol (IP) address and means that users can access sites by typing just a web address into a browser instead of having to remember (and type) the full IP address.
What Is a DNS Hack?
A DNS hack, sometimes referred to as a hijack, is where cybercriminals are able to ‘take over’ a domain and redirect users to a different unsecure web space when they enter that domain into their address bar. This can be a nightmare for websites that deal with a large number of visitors but can be equally damaging for smaller businesses, as it can seriously damage their reputation.
Types of DNS Hijack
There are five main types of DNS hijack: Malware/local, Cache-poisoning, Router, Rogue and Man-in-the-middle.
It is not always easy to pick a domain name, but you should, as a rule, try to keep it short, simple, relevant and unique. You may also want to consider newer extensions such as .tech or .store as well as traditional ones like .com and .org
Why Do They Do It?
Cybercriminals undertake this particular hack to try to get users to enter their personal and financial details into web-pages which they can then capture and use fraudulently. They can also capture usernames and passwords, which they can then use to try to access other systems (assuming people use the same credentials repeatedly).
How Can I Protect Against DNS Hacks?
The first way is perhaps the simplest. When choosing a registration company for your domain, make sure you choose an enterprise-class registrar. Enterprise-class registrars have superior standards, technology controls and compliance processes and carry out regular penetration testing and vulnerability assessments.
Other ways to protect your business against DNS hacks include:
– Using up-to-date security software, particularly malware protection
– Deploying Domain Name System Security Extension (DNSSEC)
– Using a VPN service
– Using script blockers
– Controlling user permissions
– Protecting your router
– Deploying two-factor authentication
– Avoiding the use of public Wi-Fi networks
– Using IP validation
– Using encryption and keys
Following the steps above and practising good overall cyber-hygiene can help your business to avoid many forms of cyberattack.