Cloudmark introduces protection against DNS threats

Cloudmark, Inc., a provider active in security, protecting traffic, and safeguarding data and infrastructure from network threats, announced on October 7 the Security Platform for DNS, which delivers comprehensive, carrier-grade protection for the Domain Name System (DNS).

With Cloudmark, service providers and enterprises can now quickly identify and block DNS threats, protecting against significant damage to their business and network.

“Criminals are actively seeking to launch attacks by exploiting weak DNS security defenses. By targeting DNS, they are able to wreak havoc on service providers with DDoS attacks, hijack subscriber devices, and hide malware communications”

DNS is a critical component of the Internet’s structure — keeping track of domain names and translating them into Internet Protocol (IP) addresses. For example, the domain name cloudmark.com translates in to 208.83.136.39. Cybercriminals are exploiting DNS’ open architecture to launch attacks on organizations with the goal of disrupting their infrastructure. For example, as of the first half of 2014, about 42 percent of all distributed denial of service (DDoS) incidents were DNS Flood Attacks.

With the rise of DNS-related threats, organizations need to strengthen their network and infrastructure defenses, says Cloudmark. DNS attacks can negatively impact operations and siphon off valuable resources, such as proprietary information. Cyber-criminals are also able to launch DDoS events leveraging publicly accessible open DNS servers, overwhelming DNS infrastructure of service providers and enterprises and creating outages, thus resulting in total or partial loss of Internet service for an organization’s subscribers and/or employees.

DNS attacks are typically not blocked by standard security measures and can result in lost productivity, increased resource consumption and costs, and customer and subscriber churn. Cloudmark found recently at one customer that up to 40 percent of DNS traffic was malicious, which nearly doubled the DNS infrastructure capacity required. Cloudmark Security Platform protects that infrastructure from the malicious traffic by blocking threats in real-time.

“Criminals are actively seeking to launch attacks by exploiting weak DNS security defenses. By targeting DNS, they are able to wreak havoc on service providers with DDoS attacks, hijack subscriber devices, and hide malware communications,” said Patrick Donegan, senior analyst, Heavy Reading. “Service providers and enterprises need to take steps to proactively address their DNS security posture to ensure their entire infrastructure is properly protected.”

Cloudmark Security Platform for DNS is a software solution that safeguards DNS infrastructure and traffic from ever-evolving network threats. With Cloudmark Security Platform for DNS, service providers and enterprises gain deep insights into how DNS elements are being used and misused. As a result, organizations can prevent unnecessary capacity increases due to malicious attacks, as well as protect against threats that could result in Internet outages, malware infections, security control bypass and sensitive or private data exfiltration.

Cloudmark Security Platform for DNS runs on an efficient architecture that ensures accuracy, scalability and value. It can be implemented as a comprehensive, standalone security solution or as an enhancement to existing security hardware and appliances. It performs real-time application layer behavior and content analysis to predict threats.