Detect and mitigate DNS security threats with ActiveTrust DNS

Internet Identity (IID) released ActiveTrust DNS, designed to detect, diagnose and mitigate DNS security threats.

By hijacking DNS translations, attackers can drive unsuspecting surfers and corporate users to malicious sites, making large parts of the “Net largely useless or insecure. They can also intercept corporate e-mail, financial transactions, and other highly sensitive data and personal information. Recent DNS hijackings of CheckFree, Comcast, Baidu and Twitter highlight how vulnerable organizations are to DNS exploits.

“By redirecting DNS, hackers can easily access vital data like financial information, passwords, emails, instant messages, proprietary documents and more,” said Steve Crocker, chair of the ICANN Security and Stability Advisory Committee – charged with advising the ICANN community on threats to the security and integrity of the entire Internet’s DNS. “This exposure in the fundamental Internet infrastructure has long been a blind spot that is now being exploited, and it is good to see services such as ActiveTrust DNS being created to illuminate such events. Organizations should look to implement strong measures to detect and stop DNS threats before they propagate.”

According to a January 2010 report prepared by Washington, D.C. policy think tank Center for Strategic and International Studies (CSIS), the cost of downtime incurred from a network infrastructure attack on some of the world’s leading organizations is more than six million dollars a day.

IID ActiveTrust DNS chops issues off at the root before bad data can spread around the world. This minimizes downtime and ensures that the communication channels for an online enterprise and its vast web of contact/transaction partners are legitimate, secure and available.

ActiveTrust DNS provides action in three ways:

Detect – Numerous automated systems constantly probe the DNS infrastructure for any malicious or accidental configuration issues affecting an organization and its extended enterprise. The IID team instantly alerts an organization when it identifies a suspicious change within its extended DNS.

Diagnose – IID’s 24/7 team layers human intelligence and insight onto an automated system, determining the likely importance and impact of a given DNS configuration issue. The team immediately communicates critical issues to designated stakeholders within the customer organization.

Mitigate – Through IID’s relationships with key Internet infrastructure providers, law enforcement authorities, security partners and more, it brings all parties together including extended enterprise partners, ISPs, domain registrars, software vendors, etc. to resolve the issue in a timely fashion.