This article from CyberCecurity is too important not to share.
The Domain Name Service (DNS) is the part of the Internet that maps web site names that you use to IP addresses that the Internet uses.
DNS servers see a lot of those names and numbers. Billions of them a day, in fact.
Akamai, in addition to being one of the largest content delivery services also serves up DNS requests. So, it is easy for them to look at those addresses and see if they map to anything known to be malicious. Here is what they found.
- Between 10 and 16 percent of organizations have “command and control” traffic on their network during any given quarter. C&C traffic is how malware phones home.
- 26 percent of affected devices have reached out to KNOWN initial access brokers. An IAB is a part of the hacker underground that breaks in. Beyond that, they sell the credentials and they are gone. Unlikely for them to get caught because once they “break down the door”, they leave. In and out.
- 30 percent of the affected organizations are in manufacturing, meaning real world supply chain impact.
- Attackers are compromising network attached storage – putting both your data and possibly your backups at risk.
- Hackers are going after home networks as well – a new way into your network. This includes mobile devices (phones and pads) and IoT devices (like Alexa, Siri and hundreds more).
If you are not filtering your own DNS traffic for malware, you should be and if you protect all of the devices your employees use, it works no matter if they are in the office or the local coffee shop.
The tech is not free, but neither are breaches.