Ancient DNS Weakness

“A legacy vulnerability, now 20 years old still at large.” –iDigital Times   

         Over the last year, the HITBHaxpo team has been researching a DNS weakness found by pure accident. According to HITBHaxpo this vulnerability “Was initially thought to be a minor issue [but] was quickly identified as endemic across the UK and parts of Europe.” Throughout the team’s research, they realized that hackers had infiltrated these organizations’ DNS systems through a 16-year-old vulnerability.

This information is shocking, as the study found that the hackers had penetrated into educational institutions from all around the globe. This “bug” results from a weakness in the DNS servers that “allows for zone transfers outside of the institution network” according to iDigitalTimes.

But what does all this mean? Zone transfers enable the sharing of information within an institution. For example: at a University, teachers want to be able to share online databases and internet libraries with students. Universities also share information between each other. This becomes an issue when zone transfers become public. Essentially a hacker is able to request a zone transfer and once they’ve penetrated the system at one access point, “every single device on the external facing network and in some cases, the internal network as well” becomes at risk, says iDigitalTimes.

Now this story is only one example of where DNS weaknesses led to catastrophic failure. DNS Made Easy has dedicated the past 14 years to perfecting their system to avoid “bugs” like this and the ensuing carnage that could devastate an entire network. In addition, DNS Made Easy has multiple levels of fail-overs that prevent websites from ever going down.

If you believe your system may be at risk, Kyle Fleming of Haxpo has written a program to evaluate domains for this vulnerability. HERE

The best course for prevention and preparation for attacks like this is DNS Made Easy. With their elite system, dedicated to protecting clients from DDOS attacks, and dozens of redundancy measures—count on DNS Made Easy to watch your back.