Summarized by Wired… “Researchers at Cisco’s Talos security division on Wednesday revealed that a hacker group it’s calling Sea Turtle carried out a broad campaign of espionage via Domain Name Service (“DNS”) hijacking, hitting 40 different organizations. In the process, they went so far as to compromise multiple country-code top-level domains—the suffixes like .co.uk or .ru that conclude a foreign web address—putting all the traffic of every domain in multiple countries at risk.”

Here are your key takeaways…

Your organization could be affected by DNS hijacking depending on the countries you do business in and/or the hosting provider you use. This is one of those aspects of your organization you never had to think about before. Here are a few key items to act on:

  • Multi-factor authentication – you want to know that the account is required to use multiple forms of authentication before changes can be made to records
  • Alerts, alerts, alerts – for expiring domains / sub-domain creation / account logins, etc.
  • Support and documentation – since most organizations leverage registrars and don’t host their own DNS infrastructure, there are fewer DNS experts in-house these days. Good support could make all the difference.
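
The alerting item in the list above, as an added example (not from the Wired article or the original post): detection logic that compares a trusted baseline of a zone's DNS records against a later snapshot and flags changed records, newly created sub-domains and an approaching registration expiry. The zone data, host names, dates and the `dns_alerts` function are all constructed for illustration.

```python
from datetime import date

# Constructed sample data: a trusted baseline and a later snapshot of one zone.
BASELINE = {
    "expires": date(2025, 6, 1),
    "records": {
        ("example.com", "NS"): {"ns1.registrar.example", "ns2.registrar.example"},
        ("www.example.com", "A"): {"192.0.2.10"},
        ("mail.example.com", "A"): {"192.0.2.25"},
    },
}
CURRENT = {
    "expires": date(2025, 6, 1),
    "records": {
        ("example.com", "NS"): {"ns1.unknown-host.example", "ns2.registrar.example"},
        ("www.example.com", "A"): {"192.0.2.10"},
        ("mail.example.com", "A"): {"198.51.100.7"},
        ("vpn.example.com", "A"): {"198.51.100.8"},
    },
}


def dns_alerts(baseline, current, today, expiry_warn_days=30):
    """Return alert strings for record changes, new names and near expiry."""
    alerts = []
    old, new = baseline["records"], current["records"]
    for key in sorted(set(old) | set(new)):
        name, rtype = key
        if key not in old:
            # A name that was never in the baseline, e.g. a new sub-domain
            alerts.append(f"NEW {rtype} {name} -> {sorted(new[key])}")
        elif key not in new:
            alerts.append(f"REMOVED {rtype} {name}")
        elif old[key] != new[key]:
            # A changed NS set hands resolution of the whole zone to other
            # servers, so it is ranked above other record changes
            level = "CRITICAL" if rtype == "NS" else "CHANGED"
            alerts.append(
                f"{level} {rtype} {name}: {sorted(old[key])} -> {sorted(new[key])}"
            )
    days_left = (current["expires"] - today).days
    if days_left <= expiry_warn_days:
        alerts.append(f"EXPIRY {days_left} days left on registration")
    return alerts


if __name__ == "__main__":
    for line in dns_alerts(BASELINE, CURRENT, today=date(2025, 5, 10)):
        print(line)
```
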

If you want to learn more, you can find the Wired article here:

https://www.wired.com/story/sea-turtle-dns-hijacking/

For more information about DNS, check out this website:

https://www.networkworld.com/article/3268449/what-is-dns-and-how-does-it-work.html
