While many organizations rightfully invest significant time and resources in protecting web and email attack vectors, many security professionals don’t realize the ease and prevalence of DNS abuse by attackers. In fact, many security teams don’t inspect DNS traffic for threats because they assume queries sent over DNS protocol and port 53 are benign.
The Domain Name System (DNS) is wide open for attackers, almost 80 percent of malware uses DNS to initiate command-and-control (C2). Also, do not forget DNS tunnelling or high volume of malicious domains. Understanding how adversaries abuse DNS is the first step to stopping attacks on your network and minimizing your cybersecurity risks. Find out how to control and prevent all malicious DNS activities with Palo Alto DNS Security.