DNS Account and Records – Staying Safe and Mitigating Risks
Keeping Your Accounts and Records Safe from Tampering
A recent series of tampering incidents of records of both civilians and government agencies is a reminder to stay vigilant when it comes to DNS accounts and records.
Emergency Directive 19-01 was published by the US Department of Homeland Security – Cybersecurity and Infrastructure Security Agency. The directive, published on 22 January 2019 is entitled “Mitigate DNS Infrastructure Tampering”.
The Domain Name System (DNS) records are at risks of attacks by unscrupulous cybercriminals. These criminals will attempt to tamper with the victims DNS accounts and records and compromising them. After they have obtained these records (illegally, of course), they attackers will gain enough access to start making alterations to your records.
They might attempt to change existing records like the Mail Exchanger (MX), Address (A), and even Name Server (NS). They might even try to get their hands on authorised encryption certificates that are usually available for domain names. If they are successful, they could redirect or intercept and exploit the content with malicious intent.
Some examples of what tampering with your DNS accounts and records could lead to include:
- Using emails as part of their phishing attempts.
- Planting legitimate URLs to get their hands on sensitive data.
- Obtaining confidential and sensitive information.
Measures to Mitigate DNS Records Tampering
To keep yourself and your DNS accounts and records safe, the Singapore Computer Emergency Response Team (SingCERT) recommends the following:
- Using a stronger password, preferably with a mix of lowercase letters, uppercase letters, symbols and numbers.
- Regularly checking your accounts and verifying that the information is correct.
- Ensure that your DNS accounts require multi-factor authentication.
- Practising good cybersecurity measures and keep abreast on ways to stay safe online.