Domain Hijacking: Protect Your Website and Your Reputation

by Erik Briceno

In our previous article on Domain Name System (DNS) Infrastructure Hijacking — or simply referred to as domain hijacking or DNS hijacking — we discussed the various areas in an organization’s infrastructure that are often left vulnerable and open to exploitation from outside actors. Today we’ll be discussing the ways you can protect and mitigate these DNS vulnerabilities.

Domain Hijacking Refresher

As a quick recap of our previous blog, DNS hijacking occurs when a threat actor essentially takes control of your website so that anyone who visits it is redirected to the criminal’s website instead. Obviously, when this happens, it’s not a great look for your enterprise. The visitors themselves become compromised: they can have their banking credentials stolen, have malware installed (often just from visiting the site), or even have their machine added to a botnet campaign. In each of these instances, the visitors’ trust in your organization’s legitimacy is being taken advantage of.

How to Prevent Domain Hijacking

As with cybersecurity in general, there are numerous steps you can take to prevent the hijacking of your DNS and the resulting impact on your site’s traffic.

Install Firewalls Around Your DNS Resolver

Every DNS has legitimate resolvers. Attackers may install fake resolvers in the DNS to compromise it and intercept the legitimate ones. To prevent this from happening, have the IT team place the legitimate resolvers behind a firewall, and shut down all non-required DNS resolvers.

Increase Restrictions on Access to Name Servers

An attacker could be an enemy within your organization. As such, the IT team should put in place physical security, multi-factor authentication, and a reliable firewall to limit access to the organization’s DNS.

Prevent Cache Poisoning

Common measures to prevent website cache poisoning include randomizing user identity, randomizing server source ports, and using both upper and lower cases in your organization’s domain name.
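How a resolver can use these three random values to reject forged answers, as an added example that is not from the original article. It assumes "user identity" refers to the 16-bit DNS query ID and that mixed case is applied to the name inside each query; all function names are illustrative.

```python
import secrets
import struct

def encode_qname(name):
    """Encode a domain name as length-prefixed DNS labels."""
    labels = name.rstrip(".").split(".")
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"

def randomize_case(name):
    """Flip each letter to upper or lower case at random."""
    return "".join(c.upper() if secrets.randbits(1) else c.lower() for c in name)

def build_query(name):
    """Return (query_id, source_port, name_as_sent, packet) for an A query."""
    query_id = secrets.randbits(16)                 # unpredictable query ID
    sport = 1024 + secrets.randbelow(65536 - 1024)  # unpredictable source port
    sent = randomize_case(name)                     # unpredictable letter case
    header = struct.pack("!HHHHHH", query_id, 0x0100, 1, 0, 0, 0)  # RD=1, 1 question
    question = encode_qname(sent) + struct.pack("!HH", 1, 1)       # type A, class IN
    return query_id, sport, sent, header + question

def accept_response(packet, dst_port, query_id, sport, sent):
    """Accept a response only if it echoes every random value we chose."""
    if dst_port != sport or len(packet) < 12:
        return False
    rid, flags, qdcount = struct.unpack("!HHH", packet[:6])
    if rid != query_id or not flags & 0x8000 or qdcount != 1:
        return False
    expected = encode_qname(sent)
    # Byte-exact match: a forged answer must also guess the letter case.
    return packet[12:12 + len(expected)] == expected

if __name__ == "__main__":
    qid, sport, sent, pkt = build_query("www.example.test")  # placeholder name
    genuine = struct.pack("!HHHHHH", qid, 0x8180, 1, 0, 0, 0) + pkt[12:]
    forged = struct.pack("!HHHHHH", qid ^ 1, 0x8180, 1, 0, 0, 0) + pkt[12:]
    print(sent, accept_response(genuine, sport, qid, sport, sent),
          accept_response(forged, sport, qid, sport, sent))
```

An off-path attacker has to guess all three values at once for a forged answer to be cached, which is why each one is drawn from a cryptographic random source rather than a counter.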

Fix Known Vulnerabilities

Cybercriminals capitalize on obvious vulnerabilities to initiate attacks on DNS. Have your IT team examine the DNS for any vulnerabilities and immediately patch them up to prevent attacks.

Avoid Zone Transfers

DNS zone records are delicate files that contain data that is often targeted by attackers. The hackers may pose as slave name servers requesting a zone transfer, which involves copying server zone records. To prevent this vulnerability, avoid zone transfers.
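One way to check which zones on your own name server still permit transfers, as an added example that is not from the original article. It assumes a BIND-style `named.conf` with each block closed by `};` at the start of a line; the sample configuration, zone names and address are constructed.

```python
import re

# Constructed BIND-style configuration; names and addresses are placeholders.
SAMPLE_CONF = '''
options {
    directory "/var/named";
};
zone "example.test" {
    type master;
    allow-transfer { any; };
};
zone "internal.test" {
    type master;
    allow-transfer { 192.0.2.53; };
};
zone "legacy.test" {
    type master;
};
'''

BLOCK_RE = re.compile(r'^(options|zone\s+"([^"]+)")\s*\{(.*?)^\};', re.S | re.M)
XFER_RE = re.compile(r'allow-transfer\s*\{([^}]*)\}')

def transfer_acl(body):
    """Return the allow-transfer entries of one block, or None if absent."""
    m = XFER_RE.search(body)
    return None if m is None else [e.strip() for e in m.group(1).split(";") if e.strip()]

def audit_transfers(conf):
    """Map each zone to a short verdict on who may request a transfer."""
    blocks = BLOCK_RE.findall(conf)
    global_acl = None
    for kind, _, body in blocks:
        if kind == "options":
            global_acl = transfer_acl(body)   # server-wide setting, if present
    findings = {}
    for kind, zone, body in blocks:
        if kind == "options":
            continue
        acl = transfer_acl(body)
        acl = global_acl if acl is None else acl
        if acl is None:
            findings[zone] = "not set: falls back to the server default"
        elif "any" in acl:
            findings[zone] = "open: any host may request the zone"
        elif acl == ["none"]:
            findings[zone] = "closed"
        else:
            findings[zone] = "restricted to " + ", ".join(acl)
    return findings
```

Zones reported as "open" or "not set" are the ones to fix first; setting the list explicitly removes any dependence on the server version's default.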

Deploy Mitigation Measures for End-Users

Besides advertising products to hijacked traffic, DNS hijackers also target user data and credentials. Website users can help prevent hijacking by frequently changing their passwords, installing and updating antivirus software, and using reliable virtual private networks.

Ensure Secure Access

DNS access should be limited to only a few members of the IT team, who should use multi-factor authentication whenever they access the domain name registrar. This measure will significantly reduce the risk of DNS hacking. If convenient for the IT team, only a few whitelisted Internet Protocol addresses should be allowed to access the domain name registrar.

Deploy a Client Lock

To enhance DNS security, some DNS registrars use client locks. The lock disables the option to change DNS records unless the request is made from a particular IP address.

Use a Domain Name Service Provider with Domain Name System Security Extensions (DNSSEC)

DNSSEC uses digital signatures and public keys to verify the validity of DNS requests. If your DNS registrar offers DNSSEC, enable it to add a layer of protection that makes it challenging for attackers to intercept and redirect traffic from your website to a fake site.
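A check that a domain's registration record shows both protections, as an added example that is not from the original article. It assumes the registrar's client lock appears as the EPP client status values published in the domain's RDAP record and that the record has already been fetched; the sample record and every name in it are constructed.

```python
import json

# Constructed RDAP domain record (trimmed); all names are placeholders.
SAMPLE_RDAP = json.loads("""
{
  "objectClassName": "domain",
  "ldhName": "example.test",
  "status": ["client transfer prohibited", "active"],
  "nameservers": [
    {"objectClassName": "nameserver", "ldhName": "ns1.example.test"},
    {"objectClassName": "nameserver", "ldhName": "ns1.unexpected.test"}
  ],
  "secureDNS": {"delegationSigned": false}
}
""")

# RDAP spellings of the registrar-set client locks.
CLIENT_LOCKS = ("client transfer prohibited", "client update prohibited",
                "client delete prohibited")

def audit_domain(rdap, expected_ns):
    """Return a list of findings for one RDAP domain record."""
    findings = []
    status = {s.lower() for s in rdap.get("status", [])}
    for lock in CLIENT_LOCKS:
        if lock not in status:
            findings.append("lock not set: " + lock)
    if "pending transfer" in status:
        findings.append("transfer in progress: confirm it was requested")
    if not rdap.get("secureDNS", {}).get("delegationSigned", False):
        findings.append("DNSSEC: delegation is not signed")
    # A changed delegation is the visible symptom of a hijacked domain.
    seen = {ns["ldhName"].lower().rstrip(".") for ns in rdap.get("nameservers", [])}
    for ns in sorted(seen - {n.lower() for n in expected_ns}):
        findings.append("unexpected name server: " + ns)
    return findings

if __name__ == "__main__":
    for line in audit_domain(SAMPLE_RDAP, ["ns1.example.test", "ns2.example.test"]):
        print(line)
```

Run on a schedule against each domain you own, an empty result means the locks, the DNSSEC delegation and the name server set all match what you expect.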

Keeping your organization’s website safe from DNS hijackers is essential. Your website is the face of your business, and often it’s the very first impression a visitor has about you. If your website redirects traffic to something nefarious, that’s a very bad first impression indeed.

Should you require assistance with implementing the security measures outlined above, please contact us. We’ll make certain your visitors’ trust in your legitimacy is never taken advantage of.

 

Since 1995, Manassas Park, VA-based V2 Systems has employed local systems administrators, network engineers, security consultants, help desk technicians and partnering companies to meet a wide range of clients’ IT needs, from research, to implementation, to maintenance. Concentrate on your VISION…We’ll handle the TECHNOLOGY!
