t cht lk
t cht lk
Roman Flepp , Marketing Director and Board Member , Threema
One of the most popular attack techniques involves the domain name system , DNS . The DNS protocol is essential to every Internet-based service and is used to translate alphabetic domain names into a set of numerical Internet protocol addresses . DNS is one of the key protocols that makes the Internet work .
Time for self-hosted messaging
Organisations have rapidly embraced the amenities of digital technology , with instant messaging being one of the most visible exponents of this trend : an alternative to e-mail or collaboration tools , instant messaging is an easy-to-use and feature-rich alternative .
Nevertheless , the use of smartphones for business purposes is not exempt of risks . Studies show that together with e-mail and cloud file sharing , unsecured instant messaging via smartphones is one of the riskiest channels for data breach , data theft or misuse in organisations .
A surprisingly large number of organisations still collaborate with consumergrade messengers ; when asked about data privacy , they point at end-to-end encryption , EE2E , a standard practice that makes sure that only the sender and the recipient have access to the contents . However , even the best encryption is no guarantee against data leakage .
Some of the most popular consumer applications systematically collect and process sensitive user data for advertising and marketing purposes .
Their business models are based on gathering large amounts of metadata that may include information about the location , time and duration of the communication , telephone number and IP address , meaning that the data privacy of executives and , or other staff can be compromised .
Organisations have little or no control over the privacy settings on mobile phones of employees ; most consumer applications simply do not meet enterprise-grade communication safety standards .
Self-hosting requires a certain technical knowledge and investment , though it can be part of a successful cybersecurity strategy that helps protecting businesses against bad actors .
The first step to armour instant messaging on mobile phones against unwanted intruders consists in replacing consumer applications by a secure communication channel . A corporate-grade messaging application ensures the data privacy of its user and comes with a set of features that allows IT administrators to control , secure and enforce policies on employee devices with a wide set of configurable parameters .
In everyday business , it supports closed user groups , E2EE for all user data , files , images , videos , group calls , videos . Critical organisations , who routinely manage sensitive information might consider a self-hosted communication solution that provides full control over data , server , and software . An independent and completely self-contained chat environment protects against industrial espionage , malware , CEO Fraud , phishing , ransomware , and other threats .
By gaining absolute data ownership , businesses can ensure the highest security standards while following all the legal requirements for corporate communication .
Today , many organisations provision their own DNS infrastructure to ensure uninterrupted operations of their IT infrastructure and business applications . For example , in many organisations computers default to using the organisation ’ s own DNS servers .
This helps internal users access internal websites while keeping such domain names confidential and secure . However , DNS still is still one of the favourite attack vectors for cyber criminals for two main reasons :
• DNS is an inherently insecure protocol and easier to target .
• DNS is fundamental to the operations of the Internet and applications .
Bringing DNS down can have a much greater impact compared to simply targeting individual applications or services .
As more organisations rely on online applications , DNS exploits have become more common . In a 2023 IDC study , 88 % of organisations have experienced one or more DNS attacks on their network , with an average of seven per year and each successful attack costs the business , on average , $ 942,000 .
There are several different DNS-based attack techniques including : DNS tunnelling , DNS phishing , DNS hijacking or credential attacks , DNS spoofing , and DNS malware . DNS attacks are also used as the basis for both DDoS and more advanced phishing attacks .
Many DDoS attacks rely on ways to abuse DNS protocols , including traffic amplification , subdomain attacks , DNS floods and DNS recursion attacks . DNS hijacking , for example , allows attackers to re-route queries from an organisation ’ s servers to destinations that they control , and it is often used to insert malware into endpoints .
With DNS spoofing , malware is injected into DNS caches , or directly via DNS tunnelling , so hackers can redirect DNS query traffic . DNS NXDomain flood attacks send spurious queries to non-existent domain names with requests for invalid or non-existent records , tying up servers .
All of these types of attacks can have short- and long-term implications . In the immediate aftermath
76 INTELLIGENTCIO MIDDLE EAST www . intelligentcio . com