The Domain Name System (DNS) is the protocol leveraged within the Internet's distributed name and address database architecture. Originally implemented to make access to Internet-based resources human-friendly, DNS quickly became critical infrastructure in the intricate behind-the-scenes mechanics of the Internet, second only to routing in its importance. When DNS becomes inaccessible, the functionality of many common Internet-based applications such as e-mail, Web browsing, and e-commerce can be adversely affected—sometimes on a wide scale. This short blog post will explore some real-world examples of DNS abuse. I would like to welcome and thank Andrae Middleton for joining me as a co-author and presenting his expertise on this article.
There are a few different types of DNS attacks: cache poisoning, hijacking attacks, and denial of service (DoS) attacks (which primarily include reflection and amplification). In the news as of late are widespread and focused DoS attacks. Cisco Security Intelligence Operations (SIO), with its distributed sensors, is able to observe and measure various aspects of the global DNS infrastructure. What follows are two vignettes detailing recent Internet DNS DoS attacks against the Internet’s DNS infrastructure. We will see that, though the attacks are different, the results are similar and the countermeasures and mitigations are the same.
It was a dark, cold, and scary night when I returned from dinner with friends and noticed that my mobile phone was missing. It had corporate sensitive data such as emails, calendar events, and documents, as well as personal data (including pictures, videos and other documents). Well, let me be honest with you, I didn’t really lose my phone. However, many cell phones, tablets, and other gadgets are lost or stolen on a daily basis. The problem of stolen mobile devices is huge. According to a report from the Federal Communications Commission (FCC) earlier this year, about 40 percent of robberies in Washington, D.C., New York, and other major cities now involve mobile devices. The FCC has teamed up with the nation’s top wireless carriers, including AT&T, Verizon, T-Mobile, and Sprint, to develop a database of stolen mobile devices.
Allowing employees to access corporate email, critical business applications and data makes workers more productive and effective. Finding just the right balance when allowing easy access to the applications that users need to be more productive, while maintaining the integrity and security of enterprise resources, will give your organization a competitive advantage.
Stolen and lost devices are among the many challenges of mobile device security.
Professional services, Consultancy Services, Advanced Services – call them what you will. I can hear you say: “Oh No! Complexity”. “Now I need to work a Statement of Work”. “I need help to get my project on time, can’t this get easier?” “I need to get my legal contracts team involved.” “Why can’t you just tell me a price?”
These are common reactions from some of you who will engage any (and I mean any, not just Cisco!) professional services organization (for example, Cisco Services or one of our many partners) to help bring additional experience, expertise and resources to your projects. The good news is, where appropriate to your requirements, this complexity has been substantially reduced, with Fixed Price services from Cisco, available now for many of our most popular products and solutions.
I will confess: this is not new – in fact we (quietly) first released such Fixed Price services back in 2009, to support the Cisco Unified Computing System deployments! – and if we’re honest, we’ve not talked much about them and how successful they’ve become, with many, many customers taking advantage of these quick-to-engage expert services.
One of the greatest threats to Internet service is Distributed Denial of Service (DDoS) attacks, which can paralyze ISPs and disrupt traffic to and from targeted websites. For years now, DDoS attacks have dropped down the IT security priority list as topics such as IP theft took center stage.
Recently, however, DDoS attacks targeting organizations of all types have sharply increased. Afflicted organizations had daily operations disrupted and servers compromised, with attacks increasing in sophistication and damage impact. The next waves of attacks will likely be even more complex and damaging.
The DDoS revival reminds us that as threats continue to evolve, organizations must strengthen their security infrastructure and management practices to improve the timeliness and effectiveness of incident response.
I pulled some workshop hosting duty trying to fill Jimmy Ray’s big orange shoes this morning. The subject is a great one – Intrusion Prevention in the Data Center with an incredibly sharp engineer, Stijn Vanveerdeghem. Stijn is one of those crazy smart security guys down in Austin, TX as he works with a bunch of old friends from the team of IDS experts we have there.
So much emphasis on the data center these days for obvious reasons and it makes sense that anytime we consolidate something valuable – there is going to be an increase in creativity for how to get to it when you're not supposed to.
We do these workshops as part of our TechWiseTV shows for their interactivity and the difference in the depth we can achieve. A number of references were made as to other resources, shows we have done as well as published papers and studies. I have included all the links we brought up below.