The Newest Cyber-Crime: DNS Cache Poisoning

Just when you think you have the best technology available to stop criminals from entering your financial institution through a cyber back door, along comes a brand new crime. DNS cache poisoning is the latest vulnerability the financial world is keeping an eye on.

The domain name system (DNS) allows you to set up a domain name for your organization on the Internet (Microsoft.com, for example) and changes that name into numeric code so that networking hardware can understand it. DNS cache poisoning takes advantage of a flaw in this process, giving hackers the ability to redirect Internet users to malicious sites without their knowledge.

The flaw was discovered only a few months ago by a security researcher, who reported it to authorities and began working in secret with major security vendors to fix the problem. The goal was to create a patch for the problem before hackers ever discovered it; in early July patches were shipped from major security vendors to help Internet Service Providers (ISPs) protect against the flaw. But before the patches could be applied everywhere they were needed, hackers jumped into the fray and posted instructions for exploiting the flaw.

At this writing, DNS cache poisoning is still a major threat to financial institutions as well as anyone else with a domain name. Microsoft has issued a security advisory on the topic; you can learn more details about it here. Keep in mind, however, that DNS cache poisoning has nothing to do with a specific operating system — it can affect any Internet user.

To help your customers avoid becoming victims of this newest cyber crime, get confirmation from your ISP that it has successfully applied the patch. If your organization runs its own DNS servers, contact your security vendor to get and apply the patch on your own.

For solutions to your IT staffing needs, contact Vinay Singh, Director of Financial Service Staffing at The Connors Group, at vinay@theconnorsgroup.com or 201-537-0032.