“The attack on Anvil UK routers is a prime example of threat actors using the DNS to aid their crimes. They can use vulnerabilities in the router firewall/software to gain greater access and redirect DNS settings to their own DNS services, essentially impersonating the organisation’s DNS services
Unfortunately, attacks like these on the DNS are becoming more common. EfficientIP’s research showed that 88% of organisations experienced an attack last year with 28% due to DNS hijacking/credential attacks.
Such attacks can have disastrous consequences on an organisation’s operation and reputation. Downtime from DNS attacks can lead to partners and customers being locked out of services for hours – currently the average time for organisations to mitigate these threats stands at 6 hours and 7 minutes. These issues can erode the trust and confidence of both partners and customers.
Therefore, organisations must ensure that they have the latest versions of software and services by checking if the router contains the latest patches or firmware. This can be even taken one step further by changing the router settings to a better DNS service. Ultimately, it is essential that organisations have a reputable ISP, and know the hardware and routers they use.”
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics