EDITOR’S QUESTION
Such attacks pose several risks to a
business, one of the most concerning
being data theft.
Financial services websites (such as
banking), as well as online shopping
websites, can easily fall victim to this
type of attack and this could result in
passwords and credit card or personal
information being compromised.
RIAAN BADENHORST,
GENERAL MANAGER OF
KASPERSKY IN AFRICA
he continued evolution
of digital has resulted in
a cyberthreat landscape
that is becoming
increasingly difficult
to navigate, with
cybercriminal activity growing in numbers
and sophistication.
T
Cybercriminals are using a variety of
different types of attacks to target
victims, making it critical for a business to
not only understand the threat landscape,
but to also keep on top of it.
A type of attack vector that remains
popular and easy to exploit, is that of
Domain Name Server (DNS) attacks,
poisoning or spoofing.
This is a type of cyberattack that exploits
system vulnerabilities in the domain
name server to divert traffic away from
30
Issue 09
legitimate servers and directs it towards
fake servers. The code of a DNS attack
often occurs via spam emails.
These emails attempt to frighten users
into clicking on the supplied URL, which in
turn infects their device.
Banner ads and images, both in emails
and untrustworthy websites, can also
direct users to this code. Once infected, a
user’s computer or device will take them
to fake websites that are spoofed to look
like the real website, which exposes them
to risks such as spyware, keyloggers or
virus worms.
This type of attack redirects traffic bound
for the target corporation’s servers to a
cybercriminal’s own machines. As a result,
visitors to a company website are taken to
fake resources that look authentic but have
no filters or protection systems.
Furthermore, such attacks pose a
massive risk to the internal workings
and processes of an organisation. If fake
servers are successfully created, the
victim organisation loses contact with
the outside world. Mail is hijacked and
typically phones as well, given that many
businesses make use of IP telephony.
This greatly complicates both
internal response to the incident
and communication with external
organisations – DNS providers,
certification authorities, law enforcement
agencies and so on.
Eliminating DNS attacks or cache
poisoning can be difficult, as cleaning an
infected server does not rid a desktop
of the problem and clean desktops
connecting to an infected server will be
compromised all over again.
However, being fully prepared for such
attacks, leaning on cybersecurity threat
intelligence and a strategy aimed to
ensure that a business is focused on
prevention, detection, responding and
prediction, is key.
Furthermore, dedicated cybersecurity
training for a business and its employees
around the reality of such attacks and how
to be a human firewall to these, plays an
important role.
www.intelligentdatacentres.com