Here at the DoDIIS 2017 conference, we’re hearing a lot about the role of cybersecurity in so-called “fifth generation warfare” – a concept with direct relevance to the power of DNS for network security.
In the fifth generation warfare concept, boundaries between the digital battlefield and the physical battlefield are blurred. Cyberattacks and kinetic attacks happen in tandem, with the goal of taking down critical networks to limit the opposing military’s ability to respond.
Lieutenant General Vincent Stewart, Director of the Defense Intelligence Agency, spoke about how this emerging type of warfare “shrinks the decision space” for any military or political response in the event of an attack.
In the cyber world, this often means constraining the enemy’s network availability when troops on the ground are acting. General Stewart used Russia’s actions in the Crimean peninsula as an example; as the “little green men” came in on the ground, Russia’s cyber warriors were constraining the Ukrainian government’s ability to respond effectively.
This kind of offensive cyber warfare rarely happens all at once. Infiltrating an opponent’s network often takes place over time, simmering in the background until it is called to action (as it was in Ukraine).
In this environment, enterprise level DNS data is a critical tool for both preventing cyberattacks and establishing resilience when attacks hit.
Sitting at the core of the network’s architecture, a centrally monitored and managed Domain Name System can detect the subtle indications of a breach, “beaconing” pings of outside IP addresses, unusual transfers of data, and searches for sensitive areas of the network – signaling malicious activity. DNS also plays a critical role in network resilience, quickly identifying and annulling the impact of a cyberattack from the network’s core infrastructure.
With in active DNS-based security in place, DOD and intelligence IT security personnel can actively expand the decision space of the political leaders they support. General Stewart’s ideal network – “resilient and maneuverable” – has DNS at its core.
Critical conversations on critical infrastructure
Find out how your peers are managing their networks through profound change. Watch this series of live interactive discussions with IT pros & join the debate in Slack.
Six non-hype network automation lessons from IT pros
Five IT pros get real about network automation during the first Critical Conversation on Critical Infrastructure hosted in the Network VIP community.
BlueCat’s DDI Adaptive Plugins and Applications help IT teams better leverage ServiceNow, Ansible, Microsoft, and more
A growing suite of Adaptive Plugins and Applications will help automate existing BlueCat capabilities along with adjacent customer technologies.
BlueCat Overlay for Microsoft
With BlueCat Overlay for Microsoft, get visibility into Microsoft DNS and DHCP servers by relaying information back to your BlueCat Address Manager server.
With the ServiceNow Adaptive Plug-in, enable self-service IT requests with automated fulfillment, such as hostname and IP address provisioning.