Every day I read about the latest way that bad guys have been discovered wreaking havoc on businesses via the Internet. In waves will come the highly improbable, the not possible to protect against without shutting down peoples ability to work and then the newly discovered mainstream hack that will end up potentially affecting our clients. We work to spot the later and set you up to avoid those. Now is that time again.
Most hackers are simply copy cats. After a while, you can see the pattern. A government organization or major organized crime find a way to exploit a large swath of governments and businesses. But they have a target in mind and that we all now know about it means that they’ve been discovered and will soon move on to something else. They are always doing the hard work. Following that though comes the copy cats that take this knowledge copy it and apply it more broadly into other types of hacking tools. This is when we have to take action. That time has come again.
Cisco published a new report where state-sponsored hackers recently took control of large swaths of northern Africa and Middle Eastern corporate and government DNS. DNS is how the Internet works. When you control DNS you control the flow of information over the Internet.
By obtaining control of victims’ DNS, the attackers can change or falsify any data on the Internet, illicitly modify DNS name records to point users to actor-controlled servers; users visiting those sites would never know, Talos reported.
The government behind this hack has its own motivations but when the copy cats get hold of this new technique they will be able to use it to falsely represent you, to redirect your traffic or to take your business off the internet altogether. To combat this we’re going to use the best tool that we have at this time, which is two-factor authentication on the accounts associated with your DNS hosting. Your DNS is hosted with whoever you bought your domain name from. We have gathered many of these into a central location over the years but some of our clients are still hosting those with the original holder on accounts that are insecure. We will work to shore those up. For most of you, there is a login account that we have and there is a login account that you have. We will be securing both.
You’ll see this come through on the ticket system as a security issue but security is often something that we also consider part of maintenance.
I haven’t written lately about much of the security work that we’re doing for you in the background month in and month out but I’m going to start again. These will be in addition to the how-to type posts that Sarah is writing.
-Amy Babinchak, President
About Harbor Computer Services
Harbor Computer Services is an IT firm servicing Southeastern Michigan. We work exclusively under contract with our clients to provide technology direction and either become the IT department or provide assistance to the internal IT they already have. We have won many awards for our work over the years, including the worldwide Microsoft Partner of the Year in 2010. We’re the smallest firm to have ever won this most prestigious award. Most recently we were recognized as one of the top 20 visionaries in small business IT by ChannelPro Magazine (2015). In 2016 as the top Michigan IT firm for Manufacturing. In 2017 as a top 100 most influential Channel leader by Forrester.
There are a few simple things that make Harbor Computer Services the best choice for your business. •We are Professionals •We are Responsible •We are Concerned About The Success of Your Business