During the Defense One Tech Summit last Thursday, the director of cybersecurity of the US National Security Agency (NSA) presented a pilot built around Secure DNS. The objective: to prevent cyberattacks targeting the small and mid-sized (SME/ETI) contractors working for the US Department of Defense.
Created in 2018 by US President Donald Trump, the cybersecurity agency attached to the Department of Homeland Security (DHS), the United States' equivalent of ANSSI, issued an alert in early 2019 (Emergency Directive 19-01) on a series of cyberattacks attributed to Iran. Their particularity? They target the DNS infrastructure, which, as CERT-FR points out, makes it possible to undermine the integrity of data, to saturate a server (cache or authoritative) or an inline device (router, firewall, etc.) with frames, to bypass the security policy by using the DNS request/response mechanism to create a hidden tunnel, and so on.
To guard against this type of attack, the cybersecurity division of the US national intelligence agency (NSA), set up in late 2019, launched a pilot project called Secure DNS. Launched a month and a half ago, the program is meant to secure access for subcontracting SMEs/ETIs that hold contracts with the US Department of Defense (DoD) and are connected to its information system, in particular those working on weapons technology development projects.
Very conclusive results according to the NSA
“Our analysis showed that using secure DNS would reduce the capacity of 92% of malware attacks going through command and control servers by deploying malware on a given network,” said Anne Neuberger, director of cybersecurity of the NSA, during a speech last Thursday at the Defense One Tech Summit 2020.
Based on the first feedback from the tests carried out, the pilot's results appear very conclusive. Ultimately, the NSA's cybersecurity division plans to document and standardize its Secure DNS service. “This is a model that can help revive this type of security, especially for SMEs that do not have the capacity to invest in resources or [to have] appropriate qualified personnel.” In France, ANSSI has outlined the main lines of a secure DNS infrastructure in a guide, without going into detail.