Our DNS is Under Attack is not something anyone wants to hear. DNS’s critical role is a threat attacker. Taking out DNS is easier than trying to take down a web site. Smart miscreants have a playbook of offensive DNS attack techniques that they can use against any organization.
Attacks against DNS are broad, yet critical to everything on the Internet. This multi-episode series will start with the miscreant threat to DNS and then expand to many other topics. Each episode will focus on the threat, the defensive countermeasures which have proven to push back against the miscreant threat. After the miscreant threats, we will expand into a range of topics around resiliency.
- Why would people attack the DNS Infrastructure?
- Attack vectors miscreants use against the DNS Authoritative Infrastructure
- Attack vectors miscreants use against the DNS Resolver Infrastructure
- Defensive DNS Principles all organizations can use to deploy DNS Resiliency (this session will use Akamai examples as a tool to illustrate BCPs).
Key takeaways to help you when your DNS is Under Attack:
- DNS is an attack vector that must be protected to keep the business safe.
- Awareness of the types of DNS attacks used to disrupt, takedown, and abuse an organization
- DNS Defensive Playbook used to protect an organization from the Miscreant DNS Attacks
Note: These sessions are based on the decades of DNS Security experiences, but done currently through Akamai Technologies. The recommendations apply across the industry with multiple DNS security architecture options available to organizations. The key is to focus on the DNS security principles, vectors used by the miscreants, and common-sense tools.
Attendee Walk Away Actions & Learning Objectives
People who walk away from this session would have a better appreciation of the risk, how miscreants see the value of vulnerable DNS infrastructure, and the damage that can be caused if DNS is neglected.
Miscreant’s Offensive DNS Playbook Sessions:
This session is updated each time it is presented. There is also constituent-specific tuning to best adapt to the peer’s needs.
Practical Security Conversations
If you find your organization needs help and worry about the FUD from the industry, reach out and ask for help. These sessions are conducted in conferences, internal workshops, and security group memberships. If you are interested, reach Barry Greene at firstname.lastname@example.org. These sessions are designed to provide practical, cost-effective, and actionable security assistance. The materials help organizations leverage the talent around them to get started with their security activities. Start with the DDoS Attack Preparation Workbook and Operator’s Security Toolkit. In the meantime, stay connected to the Senki Community to get updates on new empowerment and security insights. You can sign up to the mailing list for updates here: Stay Connected with Senki’s Updates.