Is your DNS at risk?
A plea to enforce security access controls on your Domain Name System provider.
Even if you have an otherwise multi-layered defense, the tiniest cracks can bring down even the most security-hardened systems. These days, many system administrators and IT or cybersecurity professionals are laser-focusing on hardening individual endpoints and monitoring internal infrastructure, always mindful of that latest vulnerability needing to be patched.
While those steps are necessary, they don’t hit everything. In 2017, Wired.com published a cautionary tale about how one Brazilian bank had been compromised in a way you wouldn’t expect: weak security on their DNS records. If an attacker can compromise the underlying system on which your email, web, apps, and services operate, the internal security of those systems goes out the window—useless. In the Brazilian banking attack, cybercriminals were able to hijack the bank’s email accounts and intercept communications related to wire transfers. In doing so, they were able to redirect nearly $27 billion (yes, billion, with a ‘b’) in assets to accounts under their control.
This wasn’t the exploitation of a zero-day vulnerability or an unprecedented attack; this cyberattack used known weaknesses inherent to the way the internet fundamentally functions. I’m not here today to spout doom and gloom and say that the internet is going to crumble due to this fatal flaw. But, listen up: there are ways to avoid going the way of this Brazilian bank. Take the time to limit who has access to DNS records, make sure 2FA is enabled correctly, and use proper access and auditing controls—always. I see too many networks where this access is left wide open, in which case you’re really just handing bad actors the keys to the kingdom.
TL;DR: Please limit access to your GoDaddy account, and enforce 2FA on it.