DNS Security 101: Safeguarding your business from cyber threats

What strategies can businesses implement to strengthen defenses against the increased threat landscape?


Cybercrime continues to make headlines, with major brands and institutions recently forced to suspend online operations in the wake of attacks. Bad actors can exploit the Domain Name System (DNS) in schemes like phishing and ransomware, using fraudulent or lookalike domains to deceive consumers and carry out malicious activity.

The DNS is the backbone of the internet and enables everything from website access to email and other forms of digital communication. Securing the DNS is critical to protecting the digital infrastructure we depend on. Yet, a recent report revealed that 72% of companies have implemented fewer than half of the recommended DNS security measures.

These gaps leave businesses vulnerable, and cybercriminals are always looking to exploit internet users by launching phishing campaigns, distributing malware, and carrying out other malicious activities. To combat this, strengthening DNS defenses is no longer optional; it’s essential.

Identifying the risks and attack methods aimed at the DNS

Cybersecurity threats that exploit domains and the DNS are not new, yet limited awareness among business leaders and everyday internet users continues to create vulnerabilities. When coupled with the common tendency for organizations to underestimate the scope of their digital footprint, these gaps can leave the door wide open to significant security risks.

When attackers target a domain, their objective is often to deceive individuals into revealing sensitive information through tactics such as phishing or spoofing. Two prevalent forms of DNS-related cybercrime include:

  • Domain hijacking – An unauthorized party gains control of a domain by altering its DNS records, often by exploiting weak credentials or tricking a registrar into transferring ownership.
  • Subdomain hijacking – Cybercriminals seize control of legitimate but abandoned or overlooked subdomains, enabling them to exploit trusted brand identities to distribute malware or conduct phishing campaigns.
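
One defensive check for the subdomain hijacking risk described above is to audit your own zone for aliases that point at names that no longer exist. The following is an added example, not code from the article or from Identity Digital. The zone data, the `LIVE_EXTERNAL` set (a stand-in for live lookups) and all hostnames are constructed placeholders.

```python
# Constructed sample zone inventory: "owner ttl IN type rdata" per line.
ZONE = """\
www.example.com.   300 IN A     192.0.2.10
shop.example.com.  300 IN CNAME www.example.com.
promo.example.com. 300 IN CNAME promo-2021.cloudhost.example.net.
docs.example.com.  300 IN CNAME docs-site.cloudhost.example.net.
old.example.com.   300 IN CNAME legacy.example.com.
"""
OWN_ZONE = "example.com."
# Assumption: external names that currently resolve (would come from real lookups).
LIVE_EXTERNAL = {"docs-site.cloudhost.example.net."}

def parse_zone(text):
    """Return {owner: (type, rdata)}; one record per owner is enough for this sample."""
    records = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 5 and parts[2] == "IN":
            records[parts[0].lower()] = (parts[3].upper(), parts[4].lower())
    return records

def in_zone(name, zone=OWN_ZONE):
    return name == zone or name.endswith("." + zone)

def resolve_chain(name, records, live_external, max_hops=8):
    """Follow CNAMEs from name; return (final_name, status)."""
    seen = set()
    for _ in range(max_hops):
        if name in seen:
            return name, "loop"
        seen.add(name)
        rtype, rdata = records.get(name, (None, None))
        if rtype in ("A", "AAAA"):
            return name, "ok"
        if rtype == "CNAME":
            name = rdata
            continue
        if in_zone(name):  # alias target inside our zone has no record at all
            return name, "dangling-internal"
        return name, "ok" if name in live_external else "dangling-external"
    return name, "chain-too-long"

def audit(zone_text=ZONE, live_external=LIVE_EXTERNAL):
    """List (subdomain, final_target, status) for every alias that does not resolve."""
    records = parse_zone(zone_text)
    findings = []
    for owner, (rtype, _) in sorted(records.items()):
        if rtype == "CNAME":
            final, status = resolve_chain(owner, records, live_external)
            if status != "ok":
                findings.append((owner, final, status))
    return findings
```

A `dangling-external` finding is the abandoned-subdomain case: the alias should be removed or repointed before someone else registers the target.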

Businesses are continually being targeted

The consequences of a successful cyberattack can be severe, as recent incidents demonstrate. For example, the “Scattered Spider” group launched phishing attacks that compromised Marks & Spencer's domain, ultimately leading to a ransomware breach. The attack forced the temporary suspension of online operations, exposed customer data, and caused a significant drop in sales.

Such incidents can cause lasting damage to a brand, eroding customer trust and straining critical business relationships. While cyberattacks can affect any organization, the risk is particularly high for companies that rely on secure digital infrastructure to operate.

The good news: there are practical, DNS-focused measures businesses can take today to strengthen their defenses.

Practical strategies to strengthen DNS security

Effectively mitigating cybercrime is a collective effort, but businesses can strengthen their defenses by taking several key actions:

  • Enable multifactor authentication (MFA) through your domain registrar and request a domain lock to prevent unauthorized transfers or changes.
  • Use strong, unique passwords to protect credentials and reduce the risk of data breaches.
  • Educate employees on domain-related threats and attack methods to improve organizational awareness and resilience.
  • Monitor DNS traffic for anomalies, spikes, or unusual behavior to detect and mitigate potential threats early.
  • Adopt advanced security protocols like DNSSEC, which adds cryptographic verification to DNS queries to guard against spoofing and tampering.
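
To make the monitoring recommendation above concrete, here is an added example (not from the article) that flags query-volume spikes and clients with an unusual share of failed lookups. The log format `minute client qname rcode`, the thresholds and the sample data are all assumptions constructed for illustration.

```python
from collections import Counter
from statistics import median

def build_sample_log():
    """Constructed resolver log: steady traffic plus one burst of failed lookups."""
    lines = []
    for minute in range(10):
        for i in range(20):  # background traffic from two clients
            lines.append(f"10:{minute:02d} 10.0.0.{5 + i % 2} www.example.com NOERROR")
    for i in range(150):  # one client sends many lookups that fail, all in 10:07
        lines.append(f"10:07 10.0.0.9 h{i}.example.com NXDOMAIN")
    return lines

def parse(lines):
    """Yield (minute, client, qname, rcode) tuples, skipping malformed lines."""
    for line in lines:
        fields = line.split()
        if len(fields) == 4:
            yield tuple(fields)

def spike_minutes(lines, factor=3.0):
    """Minutes whose query count exceeds factor times the median minute."""
    per_minute = Counter(minute for minute, _, _, _ in parse(lines))
    if not per_minute:
        return []
    baseline = median(per_minute.values())
    return sorted(m for m, n in per_minute.items() if n > factor * baseline)

def nxdomain_heavy_clients(lines, min_queries=50, ratio=0.5):
    """Clients with enough traffic to judge and a high share of NXDOMAIN answers."""
    total, failed = Counter(), Counter()
    for _, client, _, rcode in parse(lines):
        total[client] += 1
        if rcode == "NXDOMAIN":
            failed[client] += 1
    return sorted(c for c in total
                  if total[c] >= min_queries and failed[c] / total[c] >= ratio)

if __name__ == "__main__":
    log = build_sample_log()
    print("spike minutes:", spike_minutes(log))
    print("clients to review:", nxdomain_heavy_clients(log))
```

Using the median as the baseline keeps a single burst from raising the threshold it is measured against.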

By implementing these steps, businesses can significantly reduce their exposure to cybercrime and enhance resilience against threats that could disrupt operations and damage their reputation.

Vigilance begins with awareness

Cybercrime is an issue that can affect any internet user, meaning that everyone should improve their awareness of the dangers. This includes businesses taking a full 360-degree view of their digital footprint and their digital defenses.

By taking straightforward but high-impact steps like educating workforces, providing unique passwords, monitoring, and adopting the latest security systems, companies can significantly strengthen their defenses. With better awareness, we can all benefit from a safer internet.

Ram Mohan
Chief strategy officer, Identity Digital

A seasoned executive with a strong strategy orientation, Ram works closely with the CEO, board members, and executives to achieve Identity Digital’s long-term vision. Ram served as COO and co-founder at Afilias, acquired by Donuts in 2020, where he launched the .info and .org registries, building the world’s second-largest domain name registry.

Ram’s previous positions include co-founder of TurnTide (acquired by Symantec in 2001) and COO of Infonautics (publicly traded ed-tech company). His board positions include Global Commission on the Stability of Cyberspace (GCSC) and ICANN (2008-2018). Ram also co-founded ICANN’s Security and Stability Advisory Committee (SSAC).