Introducing the Infoblox DNS Threat Index: Measuring Cybercrime Infrastructure Build-up before the Attacks

Share On Facebook
Share On Twitter
Share On Linkedin

Use Intelligent IPAM to Better Secure your Network from Rogue and Infected Devices

Today Infoblox is announcing the launch of a unique new measure of cybercrime attacks: The Infoblox DNS Threat Index, powered by IID. The index is unique because it tracks the creation of malicious domains. Before cyber criminals can execute an attack, they must first build infrastructure, which often includes exploitation of the Domain Name System (DNS).

So what did our research find? The index, which is built on data going back to the beginning of 2013, hit a record high of 133 in the second quarter of 2015, up 58 percent from the same quarter in 2014. The rise was due largely to a surge in phishing attacks. Phishing, a time-tested weapon of cybercriminals, involves sending emails that point users to fake web sites—mimicking a bank’s home page, for example, or a company’s employee portal—to collect confidential information such as account names and passwords or credit-card numbers.

We also saw a growing demand for exploit kits, which are packages of malicious software that are typically hidden on web sites and appear to be innocuous until they download malware when a user visits.

Knowing and differentiating between different attacks and the different threat levels of DNS-based malware can help organizations to prepare by prioritizing investments in infrastructure and host protection as well as technologies that provide visibility into malware outbreaks.

Another trend Infoblox and IID found is a phenomenon we’re calling “seasons” of cybercrime. Our research indicates that effectively, there are two seasons that are constantly cycling back and forth: planting and harvesting. The planting season is when cybercriminals build infrastructure for malicious attacks. Then attackers begin to harvest their extensive infrastructure, stealing data and generally causing harm to their target victims. Our new index helps organizations to understand where attackers are in this endless cycle.

Find out more about DNS threats and malicious domain creation in our full report, available for free with no registration required at: www.infoblox.com/dns-threat-index.

Labels:

Craig Sanderson

Principal Cyber Security Strategist at Infoblox

Craig Sanderson is the Principal Cyber Security Strategist at Infoblox. Craig has over 25 years of experience in the CyberSecurity industry with a broad array of roles ranging from consultancy, security architecture, business development and product management. Over the last seven years, Craig has been responsible for creating the vision, strategy and delivered the execution of the Infoblox BloxOne Threat Defense solution. He continues to be passionate about the role that DNS can play in delivering world class cyber security with a particular emphasis on how DNS can become the foundation for national and governmental Protective DNS solutions

View All Posts
×