For most internet users, there’s not much of a perceivable difference between the domain name they want to visit and the server that the domain queries.

That’s because the Domain Name System (DNS) protocol does a good job of seamlessly routing users to different IP addresses that are all associated with a single domain name. The bad news is that this level of seamlessness makes it easier for threat actors and criminals to steal sensitive information and compromise computer hardware and networks with malware.

Cybersecurity Live - Boston

The latest news on DNS vulnerabilities shines the spotlight on nine newly discovered vulnerabilities that put more than 100 million IoT devices in jeopardy. These DNS vulnerabilities, dubbed “NAME:WRECK DNS,” threaten IoT users with Denial of Service (DoS) and Remote Code Execution attacks that let cybercriminals assume control over targeted IoT systems. Once attackers take these devices offline, there’s nothing left to stop them from targeting and assaulting other IoT attack surfaces.

It’s important that organizations in sectors from government to healthcare better understand how to protect themselves and their networks from NAME:WRECK DNS bugs. Let’s take a quick dive into how these DNS vulnerabilities are impacting organizational security before exploring the best ways that organizations can guard against them.

Patching TCP/IP stacks is the priority

Among the different TCP/IP stacks that IoT firmware and IT software use, FreeBSD, IPnet, Nucleus NET and NetX are the most popular. And since all network traffic is processed by a TCP/IP stack, bugs in a TCP/IP library can lead to major DNS vulnerabilities. These four TCP/IP stacks run on high-performance servers that handle networks for organizations operating in multiple sectors, which are now at serious risk of suffering widespread disruption.

Organizations using these vulnerable IoT TCP/IP stacks need to prioritize patching them to protect their connected IoT devices. Users (Read more...)