It’s all quiet on the cybersecurity front – at least according to industry analysts. Kaspersky noted that Q2 2021 ended with a relative downturn in the number of global cybersecurity attacks, with the ever-popular DDoS attack route experiencing a 38% reduction in total attempts. Despite this, rumblings continue under the surface as analysts look at the impact of vulnerabilities found in DNS hosts and providers across the world. DNS attacks are taking off and having a serious impact on the profitability and safety of businesses across the world, and questions remain over whether new technology can make a serious impact.
The state of play
There is reason to be concerned over the current level and scope of DNS vulnerability exploits and other attacks. DNS attacks rose significantly in the 2020/21 financial year, with 90% of US businesses self-reporting such attacks on their systems. This is largely down to new and sophisticated forms of software and attack vectors that can target DNS in a far more productive manner. Security Week highlights one exploit of AWS Route 53 which, according to their estimates, could be utilized for ‘nation-state’ levels of spying on American businesses. The world has largely wised up to the threat of DDoS attacks – although the cost of protection is often substantial – and that means other forms of attack are seeing innovation. Via DNS is clearly a favored route, at least for the time being.
This innovation is being clearly felt by large companies across the world. TechRepublic reported in July that the tsuNAME exploit could be used to allow large-scale DDoS attacks on authoritative DNS servers, essentially cutting out the middleman of connecting via protective services such as CloudFlare. This takes away a major part of the protective network of business cybersecurity infrastructure, and has already been felt – significant periods of downtime experienced by Microsoft and its Xbox game network were linked to tsuNAME-like exploits deployed against their network.
Can AI help?
One way to effectively protect networks from these kinds of attacks is through active prevention. A sort of vanguard, or watchdog, for any internal network will help to pick through traffic and ensure that the right connections are prioritized and threats are picked apart before they can cause any serious damage. AI can, however, be turned against network security admins in a damaging way. One study, published in the Discover Internet of Things journal, noted how the use of AI is already being used in order to attack home-based IoT systems and create new vulnerabilities.
How does this intercede with the world of DNS attacks? AI can be used to fish out exploits and vulnerabilities and mimic safe traffic, just as it can be used for the opposite effect. The onus is on developers to develop AI tools and ML protocols that can help to elevate their own product above anything that might be deployed by malicious actors in an attempt to bring down a network or extract information from it.
In the meanwhile, most businesses will benefit from continuing to take a holistic view towards their cybersecurity. An all-encompassing approach is the most appropriate one, and will help to nullify a broad range of threats before they can become very serious and start to threaten the overall makeup of the digital network. There is perhaps an argument that countering DNS-level attacks is something that needs to be accomplished by national or federal cybersecurity enforcement; however, as always, there’s a lot that businesses can do to chip in and protect themselves.