Tuesday, 14 February 2017 18:09

Just Because You’re Not a Big Target, Doesn’t Mean You’re Safe

Written by
Rate this item
(0 votes)

Not too long ago, the New York Times’ website experienced a well-publicized attack, which raises the question – how can this happen to such a world-renowned corporation? If this can happen to the New York Times, what does this bode for the security of a small company’s website? What’s to stop someone from sending visitors of your site to an adult site or something equally offensive?

The short answer to that question is nothing. In the New York Times’ attack, the attackers changed the newspapers’ Domain Name System (DNS) records to send visitors to a Syrian website. The same type of thing can very well happen to your business website. For a clearer perspective, let’s get into the specifics of the attack and explain what DNS is.

The perpetrators of the New York Times’ attack targeted the site’s Internet DNS records. To better understand this, know that computers communicate in numbers, whereas we speak in letters. In order for us to have an easy-to-remember destination like nytimes.com, the IP address must be converted to that particular URL through DNS.

Therefore, no matter how big or small a company’s online presence is, every website is vulnerable to the same DNS hacking as the New York Times’ site. The good news is the websites of smaller companies or organizations fly under the radar and rarely targeted. Larger targets like the New York Times, or LinkedIn, which was recently redirected to a domain sales page, are more likely targets.

For now…
There is no reason to panic and prioritize securing DNS over other things right now. But there is a belief that DNS vulnerability will be something cybercriminals pick on more often down the road.

Here are a few ways to stay safe

Select a Registrar with a Solid Reputation for Security

Chances are, you purchased your domain name through a reputable registrar like GoDaddy, Bluehost, 1&1, or Dreamhost. Obviously, you need to create a strong password for when you log into the registrar to manage your site’s files. Nonetheless, recent DNS attacks are concerning because they’re far more than the average password hack.

It was actually the security of the registrars themselves that was compromised in recent attacks. The attackers were basically able to change any DNS record in that registrar’s directory. What’s particularly frightening is the registrars attacked had solid reputations. The New York Times, along with sites like Twitter and the Huffington Post, is registered with Melbourne IT. LinkedIn, Craigslist and US Airways are registered with Network Solutions. Both had been believed to be secure.

So what else can be done?

Set Up a Registry Lock & Inquire About Other Optional Security

A registry lock makes it difficult for anyone to make even the most mundane changes to your registrar account without manual intervention by a staff registrar. This likely comes at an additional cost and not every domain registrar has it available.

Ask your registrar about registry locking and other additional security measures like two factor authentication, which requires another verifying factor in addition to your login and password, or IP address dependent logins, which limits access to your account from anywhere outside of one particular IP address.

While adding any of these extra safeguards will limit your ability to make easy account change or access your files from remote locations, it may be a worthwhile price to pay.

Contact us at HITECH Computer Solutions

Read 2156 times Last modified on Tuesday, 14 February 2017 18:13
Jordon Darling - CISSP

Jordon is the President/CEO of  HITECH. He is a business minded security professional who has a passion for people and small business.  Some of his certifications include: CISSP, CSSA, MCPS, MCNPS, MS, SA

113 comments

  • Comment Link Wendy Wednesday, 18 September 2019 06:57 posted by Wendy

    Its like you read my mind! You seem to know a lot about
    this, like you wrote the book in it or something.

    I think that you could do with a few pics to drive the message home a bit, but
    other than that, this is magnificent blog. A fantastic read.
    I'll certainly be back.

  • Comment Link Elijah Monday, 16 September 2019 15:34 posted by Elijah

    It's really very difficult in this busy life to listen news
    on TV, so I just use the web for that purpose, and get the most up-to-date information.

  • Comment Link Danny Monday, 16 September 2019 14:51 posted by Danny

    I just couldn't go away your site before suggesting that I actually loved the standard info
    a person provide for your visitors? Is gonna be again regularly to check
    up on new posts

  • Comment Link Margene Monday, 16 September 2019 04:48 posted by Margene

    I am not sure where you're getting your info, but good topic.
    I needs to spend some time learning more or understanding more.
    Thanks for great info I was looking for this information for my mission.

  • Comment Link Mora Sunday, 08 September 2019 09:15 posted by Mora

    I couldn't resist commenting. Perfectly written!

  • Comment Link Evelyn Sunday, 08 September 2019 05:43 posted by Evelyn

    An impressive share! I've just forwarded this onto a friend who had been doing a little homework on this.
    And he actually bought me breakfast due to the fact that I discovered it for him...
    lol. So let me reword this.... Thank YOU for the meal!!
    But yeah, thanx for spending time to discuss this issue here on your blog.

  • Comment Link Denis Saturday, 07 September 2019 12:30 posted by Denis

    Thanks for finally talking about >Just Because You’re Not a Big Target,
    Doesn’t Mean You’re Safe Liked it!

  • Comment Link Rich Saturday, 07 September 2019 10:58 posted by Rich

    Hello this is somewhat of off topic but I was wondering if blogs use WYSIWYG
    editors or if you have to manually code with HTML. I'm starting a blog soon but have
    no coding knowledge so I wanted to get guidance from someone with
    experience. Any help would be enormously appreciated!

  • Comment Link Ferne Saturday, 07 September 2019 09:43 posted by Ferne

    Hello colleagues, its impressive article regarding educationand completely defined,
    keep it up all the time.

  • Comment Link Elke Saturday, 07 September 2019 09:23 posted by Elke

    It's a pity you don't have a donate button! I'd without a doubt donate
    to this excellent blog! I guess for now i'll settle for book-marking and adding your RSS feed to
    my Google account. I look forward to new updates and will talk about
    this blog with my Facebook group. Talk soon!

Leave a comment

Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.