Homeland Issues Alert Over Recent DNS Attacks

The US Department of Homeland Security issued this week an “emergency directive” laying down guidelines for investigating DNS hacks and securing DNS management accounts.


The four-step action plan, which was published following the spate of DNS hijacking attacks originating from Iran, requires government agencies to audit DNS records for unauthorized edits, change passwords, and use multi-factor authentication on all accounts where DNS records can be managed.


In addition, government IT personnel are ordered to monitor Certificate Transparency (CT) logs for TLS certificates that have been newly-issued for government domains, but have not been requested by government workers.


Source: ZDNet

Post a Comment