As reported by Cisco, Domain Shadowing attacks have risen more that 4x in the last year. This is a disturbing trend, that concerns all businesses, whether small, medium or large. DNS Shadowing attacks utilize a business’s reputation to acquire access to important personal or financial information typically by leveraging a subdomain of the business. For example, an attacker with access to your DNS configuration can setup an spam.yourdomain.com subdomain and route your customers to a website with your look, feel and branding. From there, your customers will be prompted to login, and expose their credentials and personal information.
This type of threat even affects government agencies, as recently seen with the St. Louis Federal Reserve. Attackers gained access to the DNS servers and added a subdomain on a foreign server where they gathered login credentials from researchers. While gathering researchers credentials may not seem frightening, there is potential that these credentials could have been leveraged to access more financially relevant systems.
Incidents like these highlight the need for multi-layered threat protection that protects your servers and your reputation across multiple technologies and externally monitors threats. At MxToolbox, we offer comprehensive monitoring solutions, like DNS Zone Protect, to help protect our customers from new and emerging threats. DNS Zone Protect gives you peace of mind knowing that changes to your DNS are being externally monitored by MxToolbox.