The domain name system (DNS), sometimes referred to as the “phone book of the internet,” is a fundamental component of our online lives. A product of the early digital age, its structure creates unique challenges to applying security upgrades, subsequently creating large security gaps in an integral layer of the internet itself. Peter Lowe, principal security researcher, DNSFilter, discusses navigating these challenges and overcoming the gaps.
These gaps allow for DNS poisoning attacks. Sometimes called “cache poisoning” attacks, they can take advantage of DNS vulnerabilities to devastating effect. Added security can mitigate these attacks, so why isn’t more being done?
The technology exists to secure the DNS layer of the internet, but the lack of public knowledge about this issue and the requirements to secure DNS prevents the industry from maintaining a safer internet. History has shown that the cyber security market has overcome similar challenges; we need to spark a lot more interest (and tease incentives) first.