DNS Made Easy Urges Multi-Factor Authentication in Light of Recent DNS and Domain Registration Attack

Image for post
Image for post

In light of a recent security attack, DNS Made Easy, the world-leading IP Anycast DNS service provider, is further emphasizing the importance of multi-factor authentication. This comes shortly after the website and Twitter account of electric vehicle maker Tesla was compromised on Saturday, April 25, 2015. The website was defaced after the DNS for TeslaMotors.com was redirected to another server hosting an image with various messages and faces of a few people. The DNS may have been compromised through a phishing attack, as is usually the case.

One of the messages from the @TeslaMotors hacked Twitter account linked @rootworx as taking credit for the hack. At the time of writing, Tesla Motors has managed to regain control of their accounts and investigation is underway. DNS Made Easy experts note these attacks highlight the vulnerability of domain registrar accounts and the need for extra layers of security, such as multi-factor authentication.

“DNS and domain registration hijacking is a serious concern as hackers can gain unauthorized access into a server and emails as well as have access to sensitive information,” said Steven Job, president of Tiggee, parent company of DNS Made Easy.

“We encourage all companies to discuss extra security with their registrars,” Job added. “It should be a company policy to enable a minimum of two-factor authentication for anything as important as DNS and domain registration. DNS Made Easy has supported two- and three-factor authentication for years, and we anticipate adding even more layers to keep our clients’ domains as secure as possible.”

Multi-factor authentication (MFA) of a control panel enables additional layers of security over the default single layer. MFA is one of the most cost-effective avenues businesses can use to protect digital assets, customer data and proprietary information.

Single layer authentication normally only requires a username and a password. Multi-factor authentication requires users to enter a unique code sent to them by providers via text message (in addition to their normal login credentials) in order to gain access to a service management portal. Other multi-factor options include requiring a token-generated code or even restricting access to certain IP addresses.

Besides incorporating MFA, businesses also need to be prepared for other types of cyber attacks known as Distributed Denial of Service (DDoS). These attacks are geared at taking down websites and causing internet traffic jams, which has rendered servers and networks of numerous major companies’ domains unavailable.

DNS Made Easy has made consistent progress in expanding its network to combat the growing number of DDoS attacks in recent years. DNS Made Easy recently added a new region defined for the DNS Made Easy Global Traffic Director (GTD) service in its Tokyo, Japan Point of Presence (POP) to better handle attacks and service for the Asia-Pacific area of the world.

“At DNS Made Easy, we are always investing in our infrastructure to provide the best quality experience and ROI for our clients,” Job said.

To learn more about DNS Made Easy and their IP Anycast infrastructure please visit http://social.dnsmadeeasy.com.

Originally published at DNS Made Easy News.

Learn more about the Domain Name System (it’s not as hard as you may think), we post new blogs and educational infographics every week.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store