Domain Name System (DNS) Vulnerabilities
By John M. Stout
DNS is at the Heart of the Internet
It is safe to say that without the Domain Name System (DNS), the Internet would not be
the force it is today.
In the early days of the Internet, users trying to reach another host on the network
were required to input lengthy IP number strings (e.g., 74.125.45.105 - a listed IP address
for Google). As the Internet grew, number strings became more cumbersome and unworkable, as most
users could not consistently remember the proper sequencing of random numbers.
To simplify this process, a solution was developed based on a flat file
that related each IP address to a comparatively easy-to-remember common language address (e.g.,
Amazon.com, U-Tube.com, and Twitter.com) and so provided ease of use.
By the late 1980s, the flat file had evolved into the Domain Name System (DNS) in use today, a
system that is open, distributed, and expands as users, enterprises, Internet Service Providers
(ISPs) and domains appear on the network. Ease of use and expandability were the goals but, since
cyber security attacks and malware were virtually unknown, DNS security was not a priority.
DNS is very effective and works in the background of search activity. Internet users
are assured that when they type in a URL or e-mail address, they will be connected to the correct
Web site or e-mail box. Many commercial companies developed brand strategies based on this
functionality in order to use the Internet's reach to develop more customers and increase sales/revenue.
Most of these companies adopted a .com or .net extension. The Federal government adopted a .gov
or .mil extension.
DNS Brand Implications
The functionality of DNS opened the branding world to the Internet. Common names became
commonplace brands (e.g. Google, Bing, Amazon, and E-Bay) and powerful strategies were developed
to market brands on the Internet.
An entirely new marketing strategy called Search Engine Marketing (SEM) developed whereby
keyword searches and positioning on search pages developed into a major industry. Premier placing
on the first page of a search engine gave the recipient an advantage for more business versus
the competition.
Google became a multi-billion-dollar concern by developing algorithms that enabled effective
and powerful keyword searches. Web-based purchases supported by easy, convenient keyword
searches now account for 20-30% of all retail business, and the web-based e-commerce market
share continues to enjoy strong growth. DNS is an integral part of this success. But as traffic
on the Internet grew, the entire net became vulnerable to cyber attacks. A good portion of
this vulnerability can be attributed to the inherent vulnerability of DNS.
DNS is Inherently Insecure
The original design of the Domain Name System (DNS) did not include robust security features;
instead, it was designed to be a scalable distributed system. Attempts to add security while
maintaining backwards compatibility were rudimentary and did not keep pace with the skills
of malicious hackers. As a result, cyber attacks created Internet chaos.
Security may top the list of priorities for enterprise and network administrators, but too often the
link between security vulnerability and DNS is not understood. In order to enhance security
and defend against cyber attacks, government agencies, commercial enterprises and network administrators
must acknowledge the importance of DNS to the secure operation of the Internet.
Consequently, any commercial company that uses the Internet for sales, e-commerce, service,
marketing or logistics, as well as Internet Service Providers (ISPs) and large, strategically
sensitive government networks, needs to be aware of DNS vulnerability.
As the Internet expands in terms of users, devices and traffic, so does the opportunity
for sophisticated DNS mayhem, whether malicious (hacking), aggravating (spam), illegal (accessing
sites containing content that violates legal and regulatory mandates), or in the form of devastating
denial of service (DoS) attacks.
It became very evident that enterprises and ISPs must protect their users and networks, sometimes
from the amateur hacker but increasingly from organized crime and state-sponsored cyber terrorism.
One of the most vulnerable, critical areas was DNS. Cyber attacks are expected to increase
and have a bigger impact as the Internet grows.
The Internet is also growing by an order of magnitude, and just about every user of the
Internet is directly affected by the Domain Name System (DNS), which is an essential part
of the Internet. Many Internet security mechanisms, including host access
control and defenses against spam and phishing, heavily depend on the integrity of the DNS
infrastructure and DNS servers.