San Mateo, California, November 10th, 2020
Farsight Security® Distinguished Scientist and Director of Research Joe St Sauver will present, “Anomalous DNS Traffic During the 2020 Pandemic” on Wednesday, November 18th, 2020 at the 2020 APWG eCrime Symposium, a virtual event that will be held from November 16th-19th, 2020. Registration is required to attend the event.
Denial of service attacks remain an unfortunate aspect of online life, and a worry for virtually all network and system administrators. While preparing a routine research report on observed passive DNS traffic volumes for select industries, from airlines and retail to streaming and technology, during the 2020 pandemic, Farsight uncovered evidence of anomalous traffic spikes associated with DNS SOA ("Start of Authority") records and select other RRtypes. This unexpected traffic was not the more-gradual growth in traffic expected (and observed) as the economy reconfigured itself and businesses and families reconfigured to adjust to the lockdown and other changes due to Covid-19. The traffic spikes we saw were more likely associated with third-party attackers leveraging the DNS servers of major sites as a denial of service reflector/amplifier. This phenomena is briefly described in Section 6, (pages 16-20) in our research report.
In this presentation, Dr. St Sauver will describe the phenomena in more detail and outline the importance of (a) limiting the use of DNS wildcarding, (b) enabling DNS Response Rate Limiting, and (c) monitoring traffic levels on major DNS servers as part of forestalling the proliferation of these types of attacks.
Joe St Sauver, Distinguished Scientist and Director of Research, Farsight Security, @FarsightSecInc
Wednesday, November 18th, 2020
1:45 PM – 2:15 PM ET
* NOTE: Registration for the 2020 APWG eCrime Symposium is required to attend this session.
Joe St Sauver from @FarsightSecInc to present, “Anomalous DNS Traffic During the 2020 Pandemic” at the 2020 @APWG eCrime Symposium on 11/18 at 1:45 PM ET
APWG is the international coalition unifying the global response to cybercrime across industry, government and law-enforcement sectors and NGO communities. APWG’s membership of more than 2200 institutions worldwide is as global as its outlook. APWG’s directors, managers and research fellows advise national governments; global governance bodies like the Commonwealth Parliamentary Association, OECD, International Telecommunications Union and ICANN; hemispheric and global trade groups; and multilateral treaty organizations such as the European Commission, Council of Europe’s Convention on Cybercrime, the United Nations Office of Drugs and Crime (under the Doha Declaration and the Salvador Declaration) and Organization of American States. Operationally, the APWG conducts its missions through: APWG, a US-based 501(c)6 organization; the APWG.EU, the institution’s European chapter established in Barcelona in 2013 as a non-profit research foundation incorporated in Spain and managed by an independent board, including APWG founding directors; the APWG's global machine event data clearinghouse, eCrime eXchange; the STOP. THINK. CONNECT. Messaging Convention, Inc., a US-based non-profit 501(c)3 corporation; and the peer-reviewed annual Symposium on Electronic Crime Research (APWG eCrime) with proceedings published by IEEE.
About Farsight Security
Farsight Security, Inc. is the world’s largest provider of historical and real-time passive DNS data. We enable security teams to qualify, enrich and correlate all sources of threat data and ultimately save time when it is most critical - during an attack or investigation. Our solutions provide enterprise, government and security industry personnel and platforms with unmatched global visibility, context and response. Farsight Security is headquartered in San Mateo, California, USA. Learn more about how we can empower your threat platform and security team with Farsight Security passive DNS solutions at www.farsightsecurity.com or follow us on Twitter: @FarsightSecInc.
Director of Corporate Communications
Farsight Security, Inc.
APWG Secretary General