While DNS packets are often ignored by cyber defence solutions, attacks that exploit DNS are very common. In 2017 it was estimated that 76% of organisations around the world suffered DNS-based attacks. The total cost of these attacks is constantly rising, costing businesses millions in damages, compensation and remedial work.
This paper looks at what the DNS layer is, how it functions and how it can be exploited by cyber criminals, hacktivists and nation-state backed hackers. While unprotected DNS environments offer a considerable threat surface, applying a layer of visibility and control to DNS improves an organisations threat detection operations and introduces real-time capabilities to shut down threats before they cause damage.