Cybersecurity Saturday

Happy first day of Spring. Bloomberg reports that

As the U.S. reels from major cyber-attacks by suspected Russian and Chinese hackers, officials are looking to implement new technologies that would allow the federal government to respond more effectively.

The National Security Agency and the Department of Homeland Security believe they have part of the answer within the Domain Name System, or DNS, often referred to as the phone book of the internet. They are encouraging government agencies and high-risk companies to embrace a system known as Protective DNS, in which a private security firm would monitor and filter web traffic.

The payoff could be enormous, officials say. PDNS blocked connections to malicious websites millions of times in a recent test involving five U.S. defense contractors. After it was installed in the U.K., the system blocked nearly 60 million connections to suspect sites in 2018 alone, including 450,000 related to the infamous WannaCry strain of ransomware, according to a report issued by the National Cyber Security Centre.

Here’s a link to the NSA / CISA’s March 4, 2021 cybersecurity information sheet, “Selecting a Protective DNS Service.” “This publication details the benefits of using a Protective Domain Name System (PDNS), which criteria to consider when selecting a PDNS provider, and how to effectively implement PDNS.”

Bankinfosecurity.com adds

In light of the SolarWinds supply chain attack and the ongoing hacking of unpatched Microsoft Exchange on-premises email servers, organizations need to rethink how they use threat intelligence to block malicious domains and other malicious activity, says Oliver Tavakoli, CTO at security firm Vectra AI. PDNS services can play an important role, he says.

“Having PDNS in place allows for quick leverage of threat intel to actively block access, and it also allows relatively easy retrospective analysis to see if the organization was affected,” Tavakoli says.

Adopting PDNS services and improving security of the aging DNS protocol can help reduce common internet security problems, says Roger Grimes, data-driven defense evangelist at the security firm KnowBe4.

“A far more safe and secure internet can easily be designed. It would not take magic. It would take a few dozen people who control the internet’s future sitting in a room, designing a few global services, like Protective DNS, but on a global level, and agreeing on a few dozen values in a few database tables, and we could do it,” Grimes says. He notes, however, that “it’s hard to get people in your own family to agree on something, much less all of the people in the world.”

On March 17, the FBI’s Internet Crime Complaint Center released its annual report.

The 2020 Internet Crime Report includes information from 791,790 complaints of suspected internet crime—an increase of more than 300,000 complaints from 2019—and reported losses exceeding $4.2 billion. State-specific statistics have also been released and can be found within the 2020 Internet Crime Report and in the accompanying 2020 State Reports.

The top three crimes reported by victims in 2020 were phishing scams, non-payment/non-delivery scams, and extortion. Victims lost the most money to business email compromise scams, romance and confidence schemes, and investment fraud. Notably, 2020 saw the emergence of scams exploiting the COVID-19 pandemic. The IC3 received over 28,500 complaints related to COVID-19, with fraudsters targeting both businesses and individuals.

TechRepublic adds that “A report released Wednesday [March 17] by Unit 42, the threat intelligence team at Palo Alto Networks, looks at how ransomware has evolved and provides advice on how to protect your organization. To create its ‘2021 Ransomware Threat Report,’ Unit 42 worked with Palo Alto Networks’ Crypsis incident response team to analyze ransomware based on their collective data across the U.S., Canada and Europe.”

Finally, CyberScoop offers an interesting perspective on the recent Verkada security camera breach.