Skip to main content

Combat DNS infrastructure hijacking

The Australian Cyber Security Centre (ACSC) is aware of a global Domain Name System (DNS) infrastructure hijacking campaign and urges organisations to protect their systems.

'We encourage administrators to follow best practices, including our Essential Eight mitigation strategies, to better safeguard their systems,' said Alastair MacGibbon, Head of the ACSC.

'While no single mitigation strategy is guaranteed to prevent cyber security incidents, ACSC recommends that organisations implement the eight essential mitigation strategies as a baseline,' he said.

'This baseline makes it much harder for cyber criminals to compromise systems.'

The ACSC recommends that administrators review the FireEye and Cisco Talos Intelligence blogs for more information about how you should harden your organisation's DNS infrastructure.

Using compromised credentials, cyber criminals can redirect user traffic to attacker-controlled infrastructure and obtain valid encryption certificates for an organisation's domain names, enabling person-in-the-middle attacks.

For information about how you can protect your systems, read the ACSC's Essential Eight Explained and current activity advice available on the US Cert website.

July 1st, 2018