
How to lower the number of successful cyber attacks

By Marketing | July 5, 2023


Cyber Security without DNS Security? Why it should not be overlooked

The most common mistake in the field of security? Thinking that a firewall and antivirus software are enough to protect you. Nothing could be further from the truth. Yet many companies forget the most important part: DNS security. The result? A tremendous number of successful cyber attacks.

Unfortunately, in many cases, securing all internet traffic is forgotten. Are you worried because you have no idea what DNS security entails? Do you have no clue whether your organization has DNS security in place? That's not unusual. The current solutions are not very accessible and are often overlooked.

But fortunately, this is a problem of the past with the launch of DNS Guard. Our Commercial Director, Kevin Groen, explains what our latest product entails and why it really should not be overlooked in your security.

What is DNS traffic exactly?

Let's start at the beginning: what exactly is DNS traffic? Kevin explains: "DNS stands for Domain Name System, which is a server containing a global database of domain names that are all linked to an IP address. Each website has its own IP address. But that consists of various numbers and is too complicated to remember. That's where a DNS server becomes useful; once you type www.securityhive.io in your browser, the DNS server translates the name to an IP address, and you'll end up on our website. This is often compared to a phonebook.

It makes it easier for you. But if you don't protect your DNS traffic properly, you make the work of cybercriminals easier as well. Is your device infected with a virus? Then it automatically connects to the hacker's server, allowing them to take control of your device."

Favorite Target

Kevin explains that DNS traffic is often used by cybercriminals. "This is also because, in this way, an existing virus can be modified once it is recognized and blocked by security solutions. By changing the IP address behind the domain, the same virus can still cause damage. The hacker doesn't have to create a new virus to infect and take over devices again. Here are two examples:

Example 1:

It is known that device X is vulnerable to remote management. Hackers create a virus that, once it reaches device X, connects to an IP address. This IP address is the address of their server, enabling them to take control of device X. Eventually, the IP address is recognized and blocked by firewalls. Hackers have nothing to gain from this virus and stop their actions.

Example 2:

It is known that device Y is vulnerable to remote management. Hackers create a virus that, once it reaches device Y, connects to a domain. This domain is linked to an IP address, the address of their server. Subsequently, they can take control of device Y. Once the IP address is recognized and blocked by firewalls, a new server (IP address) is linked to the domain. Hackers can infect and take over more systems with the same virus. This is not possible once the domain is blocked.

A blockade in example 2 can prevent a virus from infecting systems that can be taken over remotely.

Most entrepreneurs are unaware of its existence. Often, it is thought that a firewall or antivirus software is sufficient. But with most firewalls, you only block IP addresses. Even if you use a 'next-gen' firewall with IDS or IPS. So if you want to protect your DNS traffic, specific DNS security is the only way."
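The difference between Example 1 and Example 2 can be replayed over a small DNS log. The following is an added illustration, not SecurityHive's code and not a description of how DNS Guard is implemented; the domain names, IP addresses (reserved documentation ranges) and blocklists are constructed sample data.

```python
# Added illustration: an IP blocklist versus a domain blocklist when the
# address behind a malicious domain is rotated. All data below is constructed.

# (day, queried name, IP address the resolver returned that day)
DNS_TIMELINE = [
    (1, "update.c2.example", "192.0.2.10"),
    (2, "update.c2.example", "192.0.2.10"),
    (3, "update.c2.example", "198.51.100.7"),    # domain re-pointed to a new server
    (4, "cdn.update.c2.example", "203.0.113.5"), # new subdomain, new server
    (4, "intranet.corp.example", "203.0.113.80"),  # benign lookup
]
BLOCKED_IPS = {"192.0.2.10"}       # what an IP-only firewall knows
BLOCKED_DOMAINS = {"c2.example"}   # what a DNS filter knows


def normalise(name):
    """Lower-case the name and drop the trailing root dot."""
    return name.strip().rstrip(".").lower()


def domain_blocked(name, blocked_domains):
    """True if the name or any parent domain is listed.

    Matching is done on whole labels, so 'notc2.example' does not match
    'c2.example' the way a naive endswith() check would.
    """
    labels = normalise(name).split(".")
    return any(".".join(labels[i:]) in blocked_domains for i in range(len(labels)))


def replay(timeline, blocked_ips, blocked_domains):
    """Return both controls' verdicts for every lookup in the timeline."""
    return [
        {
            "day": day, "name": name, "ip": ip,
            "ip_firewall": "block" if ip in blocked_ips else "allow",
            "dns_filter": "block" if domain_blocked(name, blocked_domains) else "allow",
        }
        for day, name, ip in timeline
    ]


def missed_by_ip_only(rows):
    """Lookups the DNS filter stops but the IP blocklist lets through."""
    return [r for r in rows if r["dns_filter"] == "block" and r["ip_firewall"] == "allow"]


if __name__ == "__main__":
    for row in replay(DNS_TIMELINE, BLOCKED_IPS, BLOCKED_DOMAINS):
        print(row)
```

From day 3 onward the IP blocklist no longer matches, while the domain rule keeps blocking the lookups, including the new subdomain.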

How likely is it that a hacker gains control of your device through DNS traffic?

Kevin can answer this question briefly: "Big, very big. This is one of the most common threats in cyber security today. You use DNS traffic for almost everything. And we are increasingly working remotely. You can still secure your network at the office, but you have much less control over remote workers. This makes DNS security necessary. However, the products currently available on the market are scarce and expensive."

Why is DNS Guard an important solution?

"With the launch of DNS Guard, we address this problem seamlessly. DNS Guard is accessible to any company, regardless of its size," explains Kevin. "DNS Guard ensures that devices infected with a virus cannot communicate with the hacker's server. As explained in example 2, it prevents a cybercriminal from taking over your systems.

We filter and block all malicious DNS traffic immediately. The product functions as an intelligent filter. So if your device is communicating with a suspicious website or address, we block the connection and prevent the hacker from taking control. Additionally, we proactively block unreliable information, such as suspicious online banners and links in a phishing email."

"Perhaps you have heard of the Supply Chain Attack via the 3CX application. In this attack, DNS was used to download malware, create trust, and enable new servers to be added without modifying the code. DNS Guard blocked the malware from getting downloaded. Another instance where DNS Guard proved valuable was with a well-crafted phishing email. Clicking on the link led to a blocked page, thanks to DNS Guard. Apart from security awareness training, you need to ensure a technical safety net."

Every device, anywhere?

Another advantage of DNS Guard is that the solution is also suitable for devices that are difficult to secure. "Think of robots in a warehouse or sensors used to monitor hospital beds for timely care. But also think of a smart TV or Google Home device at home, through which hackers can access your devices if not properly secured. OT systems, such as machines in a production environment, are also connected to the Internet. Modern security solutions often cannot be implemented on such devices. DNS Guard can do this. We ensure that the hacker's connection is blocked even before a critical process comes to a halt."

What sets SecurityHive apart from the rest?

There are various reasons to choose SecurityHive, but what Kevin finds most important is that you choose DNS security in the first place. "Otherwise, your company is taking too great a risk. But why SecurityHive? Firstly, our team of experts is always available, anytime and anywhere. And we update our database every few minutes. So, if there's a new type of virus or an exceptionally sophisticated hacker, we block those connections very quickly. Our DNS security works so fast that you don't even notice what's happening in the background.

Our system is also very user-friendly. No one needs training to work with it. And the administrator always has access to real-time information. So, you know exactly which connections have been blocked and why. That is transparency you won't find everywhere.

Furthermore, our DNS security integrates perfectly with our other solutions. You can imagine what it means to have a complete overview of all your cyber security risks, DNS traffic, and Honeypot data that immediately alerts you when something goes wrong. You manage all this together in one dashboard. Very efficient!"

Want to learn more about DNS Guard?

Are you convinced of the importance of DNS security? DNS Guard can be tried for free and implemented in minutes, remotely and tailored to your process.
