Turning DNS from your top threat vector to your most productive defender

Wednesday 27 November, 1:30 pm - 2:10 pm

Speakers

Tim Hartman

Head of Solutions Architect - ANZ
Infoblox

Synopsis

The security landscape is evolving at an unprecedented pace, presenting organisations with increasingly sophisticated challenges. As Australia strives to achieve ambitious security objectives, the demand for cost-effective, high-impact security solutions continues to escalate. One area of immense potential lies within Domain Name System (DNS) technology, yet many organisations lack a comprehensive understanding of its pivotal role in modern security strategies.

DNS serves as the backbone of network communications, facilitating every interaction between devices and their intended destinations. However, its open and inherently vulnerable nature has made it a prime target for malicious actors, with over 90% of malware utilising DNS as an attack vector. Despite efforts to secure DNS infrastructure, organisations often underestimate the breadth and complexity of threats leveraging this protocol.

This presentation will shed light on the vulnerabilities inherent in DNS, the diverse array of threats exploiting the protocol, and innovative security approaches harnessing DNS and related network services to fortify organisations against evolving cyber threats.

Why DNS Vulnerability Matters

DNS, now four decades old, underpins modern network connectivity. Originally conceived to simplify resource access without burdening users with complex numerical addresses, DNS was not designed with robust security measures. Over the years, it has become a favoured target for cybercriminals, surpassing HTTP/S as the primary attack vector. Unlike HTTP/S, DNS often operates under less scrutiny, making it an attractive avenue for malicious activities.

Understanding DNS Exploitation

Threat actors have honed their tactics over 40 years, exploiting DNS vulnerabilities for various nefarious purposes. Speakers will explore prevalent exploitation methods, including malware propagation, ransomware attacks, data exfiltration, DNS tunnelling, domain generation algorithms (DGAs), and domain hijacking.

Leveraging DNS for Defence

Despite its vulnerabilities, DNS holds immense potential as a defence mechanism. DNS data, when combined with DHCP and IP Address Management (IPAM), provides valuable insights into threat DNA, aiding in early detection and mitigation. By blocking known malicious domains, monitoring DNS traffic, and integrating DNS-centric threat detection into Extended Detection and Response (XDR) ecosystems, organisations can bolster their security posture.

As Australia confronts escalating security challenges, DNS-based threat detection and remediation must occupy a central position in the nation's cybersecurity strategy. Government entities and private sector organisations alike require comprehensive solutions to safeguard against evolving threats, making DNS expertise essential in the fight against cyber adversaries.

Let’s collaborate to strengthen Australia’s cybersecurity resilience through DNS-centric security solutions.

Acknowledgement of Country

We acknowledge the traditional owners and custodians of country throughout Australia and acknowledge their continuing connection to land, waters and community. We pay our respects to the people, the cultures and the elders past, present and emerging.
