A recent event in the internet world highlighted a bigger security concern. The event was Google calling out Gogo, the inflight Wi-Fi service, for creating false SSL certificates and redirecting traffic for key sites through their proxy.
A key point to acknowledge in Google’s objection to the practice is the intelligent concern of MITM (man-in-the-middle) attacks. Google is well aware that this is one of the main concerns facing the internet – one of the reasons they are promoting the use of HTTPS for all web sites (See Image #1).
Image #1: DNS hackers attempt to modify the “Internet Name” to “Internet Translation” for the purpose of redirecting traffic to their site.
Best Practice: Secure your DNS Services
Before this can be done, an immediate best practice for enterprises is to ensure that they have secured their DNS services. These are the services that translate a “named” site, e.g. www.acme.com to an internet address, 126.96.36.199. A slew of attacks on the DNS system are being perpetuated by hackers. If they succeed on these DNS attacks, they BECOME the bank/financial/healthcare site and therefore can collect all data that the user delivers.
For this purpose, IT architects and security personnel should ensure their enterprise uses the most advanced DNS services. dinCloud utilizes a core IP Anycast routed DNS architecture that has provided our clients with a 99.9999% uptime history. The use of IP Anycast routing guarantees the dinCloud network is of the highest quality as well as fully redundant with no single point of failure. A 99.9999% overall uptime history is something that very few providers worldwide can claim.
Read more about our offerings in the dinCloud Security WhitePaper.
Or Contact us – and we’ll give you a demo! All the best! Cloud on!