BID® Daily Newsletter
Nov 20, 2024

Protecting Your Website Domain from Common Cyberattacks

Summary: Attacks on Domain Name Systems are rampant and can result in major problems. A compromised domain name can cause myriad headaches for both the company and its customers.

Remember the “Yellow Pages”? When you called a listed company number, you could be confident that you’d actually reach a representative of the company. The Domain Name System (DNS) serves a similar purpose online, translating easy-to-remember web addresses, like Amazon.com, into numbers that form an IP address and then connect internet users to the appropriate server for their desired online destination. Because of its similar function to the “Yellow Pages”, DNS has been called the internet phonebook.
While the DNS can take you anywhere you need to go virtually, as with all internet-related technology, it is also vulnerable to cybercrime. Cybercrooks can use the DNS to carry out their criminal schemes, causing major disruptions for companies like financial institutions (FIs), where users tend to submit sensitive information that can be used to steal funds or impersonate someone.
The DNS Universe
Just how vast is the DNS universe? Cisco Systems is one of the world’s largest managers of DNS activity, and a glance at its data provides a snapshot of just how big this is.
Cisco security services resolve 715B DNS requests each day. Not surprisingly, threat actors frequently flout the rules of the DNS road and create costly mischief. They can use DNS tricks to get customers to reveal personal information. They can disrupt or halt DNS traffic to an FI’s website and compromise website integrity.

Some Top DNS Threats
A recent Cisco report detailed some of the main DNS threats, based on its own data. Here are the top three, and how often they occur:
  1. Information theft. Cybercrooks compromise your domain name and use their access to get customer information and other data. Much of this sensitive information then gets posted on the “dark web”, where others can use it in malicious ways. Cisco estimated 246MM monthly detections.
  2. Trojan horses. Once this malware gets into your system, it can quietly be activated and enable theft of data and the ability to spy on activity like keystrokes. Cisco estimated 175MM per month.
  3. Ransomware. Cybercrooks continue to penetrate domains, take them over, and demand ransom to free them. The monthly estimate: 154MM.
Banks Beware These Threats
There are some threats that should be of particular concern for FIs. They can compromise customer data or financial information, cause financial losses, damage reputations, and lead to regulatory penalties.
Here are a few of the most worrisome DNS threats right now:
  • RAT (Remote Access Trojan). These Trojan programs get placed on FI systems and can then be remotely activated, enabling access to sensitive financial information. 
  • APT (Advanced Persistent Threat). These are high-level attacks often launched by foreign governments or organized crime groups. They can target FIs for their valuable data and financial resources.
  • Botnet. Attackers create networks of compromised computers, then use them in concert to launch attacks to disrupt or block an FI’s DNS. They can also be used to launch spam campaigns or initiate other harmful actions. 
  • Dropper. These programs are dropped onto an FI’s system and used to deliver and install malware. FIs are often targeted by droppers that deliver malware designed to steal sensitive financial data.
How To Fight Back
With the ongoing level of DNS attacks, community financial institutions need to be extra vigilant.
Here are a few strategies for DNS defense:
  • Regularly update your DNS software.
  • Monitor DNS traffic for suspicious activity.
  • Use a DNS firewall.
  • Use multi-factor authentication. 
  • Conduct regular drills and simulations.
  • Have a robust attack response plan that includes measures to contain an attack and procedures for recovering and returning to normal.
DNS is vital to serving customers online, but attacks on the system can cripple your institution’s ability to function or expose your customers to risks like stolen financial information. With cybercrooks launching millions of DNS probes each month, robust defenses are important for protecting your customers and the sensitive information you’re entrusted with.