As your trusted IT partner, we want to inform you of a potentially dangerous threat to your business. The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), has issued a warning regarding a Domain Name System (DNS) hijacking campaign being waged in which attackers can gain control of your hosting and DNS records and potentially disrupt, disable, or steal email, website traffic, and in some cases even allow attackers to access data within your network. For more information, you can access the NCCIC article here.
NCCIC recommends the following best practices to help safeguard networks against this threat:
- Update the passwords for all accounts that can change organizations’ DNS records.
- Implement multifactor authentication on domain registrar accounts, or on other systems used to modify DNS records.
- Audit public DNS records to verify they are resolving to the intended location.
- Search for encryption certificates related to domains and revoke any fraudulently requested certificates.
The good news is that protecting yourself is easier than you think. We urge you to take immediate action by contacting Silverado support at firstname.lastname@example.org or 520.903.1580.