Cyber Security Weekly Podcast
Episode 153 - DNSpionage: domain name system (DNS) infrastructure manipulation - Interview with Cricket Liu of Infoblox
Interview with Cricket Liu, chief DNS architect and Jasper Chik, Systems Engineer Manager ANZ at Infoblox during the 'Australian Cricket Tour' to Sydney, Canberra and Melbourne.
Attackers are executing DNSpionage attacks by hijacking and compromising millions of email and other credentials from a number of government and private sector entities. They then manipulate the DNS records of organisations to intercept and record their network traffic in this vast espionage campaign. As a result, users are pointed to malicious web and mail servers.
DNS serves as a kind of phone book for the Internet by translating human-friendly website names into numeric Internet addresses that are easier for computers to manage. When it’s tampered with, it becomes difficult for anyone to discern whether what they are seeing online is legitimate.
These sophisticated attacks were first identified in November 2018 and there have been several other public reports of additional attacks since then. Most recently, DNSpionage attacks have been causing further concern because the attackers (allegedly from Iran) have changed their tactics with new tools and malware to focus their attacks and better hide their activities.
Cricket Liu, chief DNS architect at Infoblox, was in Sydney to discuss what DNSpionage actually is and the extent of the problem. We also discuss why Australian organisations should be concerned and how they can protect their businesses and users from attack.
Cricket is one of the world’s leading experts on DNS and serves as the liaison between Infoblox and the DNS community. Cricket is a prolific speaker and author, having written a number of books including “DNS and BIND,” one of the most widely used references in the field, now in its fifth edition.
Recorded in Sydney, 21 May 2019 and courtesy of Infoblox. For more information visit www.infoblox.com