DHS issues emergency directive to counter DNS hijacking campaign — FCW
The Department of Homeland Security’s Jan. 22 warning applies to nearly all federal agencies and requires rapid action to mitigate Domain Name System compromises that have impacted ‘multiple executive branch agency domains.’
According to Kevin Bocek, vice president of security strategy and threat intelligence for Venafi:
“This warning from the DHS demonstrates a rising tide of encryption attacks that can no longer be ignored. Attackers are essentially going after the system of trust that underpins security for the Internet: machine identities, such as TLS keys and certificates.
“Ultimately, if attackers can break DNS, steal TLS keys or misuse certificates, any government can be spoofed, and their private communications exposed. And, the research from FireEye shows us that these attacks are being exploited now.
“The urgency of this DHS warning makes it clear that our government is vulnerable to attackers targeting machine identities. Even though most agencies are working with a very limited staff due to the shutdown, this warning makes it clear that they need to use their limited resource to make sure they have good intelligence on how their TLS keys and certificates are being used internally as well as a clear understanding of how they are being used across the Internet. They also need to make sure their private keys are secure and have the ability to change them quickly.”