DNS Security and Your Business

There’s been an increased focus on the importance of DNS security in the media recently. The Federal Reserve Bank of St. Louis was breached using a vulnerability in DNS last month, and a few years ago, several media companies – including the New York Times and Washington Post – went offline because of similar types of attacks.

So what is DNS and why is it important to small business?

DNS stands for “Domain Name System” and it is a mechanism to make the Internet a more human-friendly place. The Domain Name System was originally invented to support the growth of email communications on the ARPANET (developed under the U.S. Advanced Research Projects Agency–ARPA).

The ARPANET launched at UCLA on August 30, 1969, and was the first wide area network. A network connection was added to the Stanford Research Institute later that year. By the end of 1972, there were 24 sites on the ARPANET, including the Department of Defense, the National Science Foundation, NASA, and the Federal Reserve Board.

In 1983, a military-only network called MILNET split off from the ARPANET; this military network later become part of the Department of Defense’s Defense Data Network. The National Science Foundation managed the non-military network that evolved into the public Internet we know today.

DNS is a system that ties alphabetical names to the numerical IP addresses that allow computers to “talk” to each other. Alphabetic host names were introduced on the ARPANET shortly after its creation to make it more user-friendly because alphabetic names are much easier for people to remember than numeric addresses.

A key element of the DNS standard is a worldwide collection of DNS servers designed to be distributed and non-centralized in order to support a free and open source Internet. With no central location for all DNS servers, communications can continue even if a server was disrupted by an attack. Similarly, no one single company or government could shut off the Internet. It is a democratized system that has survived over 30 years, in spite of the incredible technological advances that have taken place during that time.

When you enter a domain name (e.g. google.com), your computer will find your nearest DNS server and ask it what the correct IP address is for that name. DNS will return the IP address and your computer can then communicate with the relevant machine.

GoDaddy is an example of a domain name registrar. They provide a service that assigns these names with IP addresses for the end user (such as when you get a URL for a website). The DNS server operating your domain – known as the authoritative name server – holds the requisite IP address information.

Many cyber-attacks involving DNS knock the authoritative name server out of action and disrupt the ability to resolve the IP address. An inability to resolve an IP address will cause Internet software to fail and the affected domain is rendered inaccessible (which includes the capability to send and receive emails). This is why Internet service providers and hosting companies routinely deploy multiple DNS servers.

Historically, DNS hacks like the ones involving the St. Louis Fed and New York Times have been committed by sophisticated cybercriminals with large resources. While they do not typically target small businesses, there are precautions that can be taken to help avoid the risk of these types of attacks.

It is important for business owners to know who maintains the authoritative DNS server for their company’s domain. Many domain name resellers will host the DNS as a value-added service at no additional charge, as do practically all web hosts when you sign up with them. Businesses often count on their web developers to handle this detail, but business owners should own their domain outright and possess all the credentials. Businesses may want to consider paying for DNS services from companies that offer added security and protection.