Here at the DoDIIS 2017 conference, we’re hearing a lot about the role of cybersecurity in so-called “fifth generation warfare” – a concept with direct relevance to the power of DNS for network security.
In the fifth generation warfare concept, boundaries between the digital battlefield and the physical battlefield are blurred. Cyberattacks and kinetic attacks happen in tandem, with the goal of taking down critical networks to limit the opposing military’s ability to respond.
Lieutenant General Vincent Stewart, Director of the Defense Intelligence Agency, spoke about how this emerging type of warfare “shrinks the decision space” for any military or political response in the event of an attack.
In the cyber world, this often means constraining the enemy’s network availability when troops on the ground are acting. General Stewart used Russia’s actions in the Crimean peninsula as an example; as the “little green men” came in on the ground, Russia’s cyber warriors were constraining the Ukrainian government’s ability to respond effectively.
This kind of offensive cyber warfare rarely happens all at once. Infiltrating an opponent’s network often takes place over time, simmering in the background until it is called to action (as it was in Ukraine).
In this environment, enterprise level DNS data is a critical tool for both preventing cyberattacks and establishing resilience when attacks hit.
Sitting at the core of the network’s architecture, a centrally monitored and managed Domain Name System can detect the subtle indications of a breach, “beaconing” pings of outside IP addresses, unusual transfers of data, and searches for sensitive areas of the network – signaling malicious activity. DNS also plays a critical role in network resilience, quickly identifying and annulling the impact of a cyberattack from the network’s core infrastructure.
With in active DNS-based security in place, DOD and intelligence IT security personnel can actively expand the decision space of the political leaders they support. General Stewart’s ideal network – “resilient and maneuverable” – has DNS at its core.
9.3 Integrity Deep Dive On-Demand Replay
Learn how you can get more security data, ramp up automation, and adopt cloud without compromising performance.
For DNS server caching, what is the ideal TTL?
Many factors affect how to set time to live (TTL) for DNS servers. Learn more, plus how BlueCat Edge’s TTL features can bolster your network.
Comparing AWS, Azure, and GCP cloud DNS services
The public cloud presents major challenges for DNS management. Examine various capabilities and limitations of Azure, AWS, and GCP with BlueCat.
DDI Day: Kudos, awards, and insights from pioneers
BlueCat’s DDI Day on April 13 celebrated network infrastructure professionals, gave awards to superstars, and drew insight from DNS and DHCP pioneers.