In light of the recent domain name system (DNS) hijacking attacks on The New York Times , Twitter and Huffington Post, it’s important for CIOs to take a closer look at their DNS security strategy — and to be able to respond quickly if their company is attacked.
DNS records are basically sets of instructions that help connect your website to the outside world. The following five practices make these records harder to hijack and easier to recover if they are compromised, thereby reducing the damage attackers can cause. When DNS records are hijacked, a company must be able to get them back as quickly as possible because once the malicious records hit the caching servers, it becomes much harder to undo the damage.
1. Use best practices for credentials that allow changes to be made to DNS records.
Your whole service is only as secure as the security of the password to your DNS registrant account. Ensure that access to accounts used to update DNS records is limited to as few people in your organization as possible. Make sure to use hard-to-guess passwords, and avoid reusing passwords at all costs.
2. Revisit the choice of DNS provider regularly as you grow.
Many companies, particularly start-ups, frequently choose DNS registrants and DNS service providers based on a combination of their pricing and the ease of setup and use. Sometimes that means the DNS provider doesn’t have much information about the owner other than a username and password used to identify the account. In cases of social engineering attacks or compromised passwords, it might be hard to reclaim the domain.