Protect Your Network, Protect Your House: Takeaways from the Capital Cybersecurity Summit

On November 14 and 15, the Northern Virginia Technology Council hosted the second annual Capital Cybersecurity Summit in Virginia.

On November 14 and 15, the Northern Virginia Technology Council hosted the second annual Capital Cybersecurity Summit in Virginia. With a number of industry-leading speakers and over 350 attendees, one of the hot topics of discussion included the importance of a well-educated, cybersecurity-savvy workforce in creating a more empowered society.

The evolution of hackers, bad actors, malware, and subsequently cybersecurity protocols, inspires an interesting comparison: If you know there is a burglar in your neighbourhood, you wouldn’t think twice to protect your home by any means necessary. And if the burglars changed their tactics, wouldn’t you? Bad actors move fast. You have to move faster. Ignorance is no longer an option. It’s time to educate, prepare, and protect yourself, your network and your data.

Do your cybersecurity protocols prevent burglaries, or home invasions?

Cybersecurity used to be about preventing burglary. The thieves wanted data, and only data – personal information, trade secrets, intellectual property. Once they had it, they usually left the rest of the network untouched.

In today’s landscape, however, cybersecurity protocols should be focused on preventing home invasions. While data remains a valuable target, criminals have discovered that by taking their time, watching patterns, and becoming an intrinsic part of the network themselves, they can gain access to much more valuable assets.

Home invasion-style cyber attacks use your network as a weapon. Criminals are aggregating the computing power of your infrastructure and using it to attack networks in ways you’ve never seen.

DNS is a critical tool for the advanced persistent threats which plague the internet with home invasion-style tactics. Using the naïve characteristics of DNS resolution, bad actors can search for the critical files they want, receive instructions from outside, and develop command and control right under your nose.

91% of cyber attacks utilize DNS, and it’s no wonder – most IT security personnel see it as an uninteresting piece of infrastructure as opposed to a cybersecurity asset.

What can we do to protect ourselves?

DNS filters and firewalls are a step in the right direction, but most are still based on the old burglary model. Out on the network boundary, a DNS firewall can track external network traffic – the simple “north-south” queries. But addressing advanced persistent threats requires insight into internal DNS activity.

Breaches are the new normal, and they rarely happen overnight. In fact, malicious actors are probably on your network right now, searching for the right information or waiting for instructions. In this new home invasion paradigm, the network boundary quickly loses its value – there is no longer any separation between internal and external.

A client-facing DNS security system is like putting a Doberman in every room of your house rather than just one on the front porch. By looking at the source and intent of every DNS query, client-facing DNS security systems can identify even the sneakiest,  most patient malware.

By blocking malicious DNS queries at the client level, IT security personnel can prevent lateral, “east-west” movement that allows cyber criminals to maliciously leverage the naïve properties of DNS. As an added bonus, it also protects against suspicious north-south traffic, preventing the “beaconing” behavior which most advanced persistent threats use as a trigger for action.

As advanced persistent threats grow more potent, CISOs need to look for cybersecurity assets wherever they can – even in the most mundane-seeming infrastructure systems. DNS-based security takes cybersecurity to the next level by using this under-appreciated infrastructure as protection against this new breed of home invasion-style attacks.


An avatar of the author

BlueCat provides core services and solutions that help our customers and their teams deliver change-ready networks. With BlueCat, organizations can build reliable, secure, and agile mission-critical networks that can support transformation initiatives such as cloud adoption and automation. BlueCat’s growing portfolio includes services and solutions for automated and unified DDI management, network security, multicloud management, and network observability and health.

Related content

Micetro 11.1 boosts DHCP management for Cisco Meraki SD-WAN

Learn how BlueCat Micetro 11.1 can help you overcome the limitations of Cisco Meraki SD-WAN devices to manage your distributed DHCP architecture.

Read more
Banner announcing BlueCat's acquisition of LiveAction, displaying both logos and the phrase "We're about to get bigger."

BlueCat acquires LiveAction to drive network modernization and optimization

BlueCat’s acquisition of LiveAction will allow customers to expand their view beyond DNS and dive deeper into the health of their network.

Read more

Simplify NIS2 compliance with DNS management

Learn whether the EU’s NIS2 requirements apply to your organization and about how DNS management and BlueCat can boost your path to compliance.

Read more

Detect anomalies and CVE risks with Infrastructure Assurance 8.4 

The Infrastructure Assurance 8.4 release features an anomaly detection engine for outliers and a CVE analysis engine to uncover device vulnerabilities.

Read more

Unlock the secrets to modernizing your IT network! Join our webinar on January 23 to learn how self-service DNS and DHCP can help you solve the cloud puzzle.