IT Brief India - Technology news for CIOs & IT decision-makers

Exclusive: Infoblox reveals the importance of DNS security in the digital age

Yesterday

For more than three decades, Cricket Liu has been immersed in the world of DNS (Domain Name System).

As Infoblox's Chief Evangelist and a Senior Fellow, he has made it his mission to educate businesses on the importance of DNS security.

Despite its fundamental role in internet infrastructure, Liu believes DNS is still "widely misunderstood" - even by those in the IT and cybersecurity sectors.

"DNS is critical," he stressed to TechDay during a recent interview. "It mediates every transaction that occurs over the internet."

"It's surprising that not many people really understand DNS, and not many people realise how powerful it can be."

Infoblox, founded in 1999, started as one of the first companies to develop an appliance-based DNS and DHCP (Dynamic Host Configuration Protocol) server. Since then, the company has grown into a leader in DNS security solutions, with over 2,000 employees worldwide and a customer base spanning the globe.

While North America remains a key market, Infoblox has a significant international presence, particularly in the ANZ region.

The Overlooked Security Risk

DNS is often underestimated as a security risk, and that oversight can be costly. Liu explained that DNS plays a role in nearly every cyberattack, from phishing campaigns to malware infections.

"If you think about a phishing campaign, the bad guys send out emails hoping that recipients will click on malicious links. To do that, DNS has to map the domain name in the URL to an IP address," he said.

"When malware infects a device, it often communicates with its command-and-control infrastructure via DNS. In some cases, it even tunnels its communications through DNS to evade detection."

This makes DNS not just a potential vulnerability, but also a powerful defence mechanism. By deploying protective DNS, organisations can identify and block malicious domains before they cause harm.

Understanding Protective DNS

Protective DNS is not a new concept, but it remains underutilised.

Liu referenced the Response Policy Zone (RPZ), introduced in 2010, as a key tool in DNS security.

RPZ allows organisations to filter DNS queries against reputational feeds, preventing access to known or suspected malicious domains.
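How an RPZ lookup reaches a decision can be sketched in a few lines. The following is an added example, not code from Infoblox or the article: it models only query-name triggers, the zone entries are constructed sample data, and trying the exact name before wildcards from most to least specific is a simplification of how a resolver orders matches.

```python
# Added example: simplified RPZ decision for query-name (QNAME) triggers.
# In an RPZ, the policy is encoded as the CNAME target of the trigger record.
RPZ_ACTIONS = {
    ".": "NXDOMAIN",              # CNAME .             -> answer "no such domain"
    "*.": "NODATA",               # CNAME *.            -> name exists, no records
    "rpz-passthru.": "PASSTHRU",  # CNAME rpz-passthru. -> explicit exemption
    "rpz-drop.": "DROP",          # CNAME rpz-drop.     -> discard the query
}

# Constructed sample policy zone: trigger name -> CNAME target.
SAMPLE_RPZ = {
    "bad-login.example": ".",
    "*.bad-login.example": ".",
    "*.tracker.example": "*.",
    "safe.tracker.example": "rpz-passthru.",
    "walled.example": "blockpage.corp.example.",
}


def normalise(qname):
    """DNS names compare case-insensitively; drop the trailing root dot."""
    return qname.rstrip(".").lower()


def rpz_decision(qname, zone=SAMPLE_RPZ):
    """Return (action, matching_trigger) for a query name."""
    name = normalise(qname)
    labels = name.split(".")
    # Exact name first, then wildcards from most to least specific.
    # A wildcard *.x matches names below x, never x itself.
    candidates = [name]
    for i in range(1, len(labels)):
        candidates.append("*." + ".".join(labels[i:]))
    for trigger in candidates:
        target = zone.get(trigger)
        if target is None:
            continue
        action = RPZ_ACTIONS.get(target)
        if action is not None:
            return action, trigger
        # Any other CNAME target rewrites the answer, e.g. to a block page.
        return "REDIRECT:" + target, trigger
    return "NO_MATCH", None  # normal resolution proceeds


if __name__ == "__main__":
    for q in ("cdn.BAD-LOGIN.example.", "safe.tracker.example",
              "ads.tracker.example", "walled.example", "www.example.org"):
        print(q, "->", rpz_decision(q))
```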

"We've been out here, sort of shouting into the wind, about things like response policy zones and the broader notion of protective DNS for years now," Liu said.

"Many security professionals don't know how RPZ works or that they can use DNS to block threats before they reach their network."

Despite its benefits, protective DNS adoption remains inconsistent, and Infoblox is working to change that.

Liu and his team have been travelling the world, advocating for its use in both enterprise and government environments.

Recently, they hosted events in Wellington and Auckland, focusing on DNS security and the challenges of managing multi-cloud environments.

The Challenges of Multi-Cloud DNS Management

Many organisations now operate in multi-cloud environments, relying on services like AWS, Azure, and Google Cloud.

However, each cloud provider has its own DNS system - AWS Route 53, Azure DNS, and Google Cloud DNS - each with different interfaces, APIs, and configurations.

"One of the challenges is that they're all different," Liu explained. "The more systems you have to manage, the greater the chance of something going wrong."

Liu shared an example of a New York bank where an administrator made an innocent configuration mistake in a cloud DNS system, taking the bank's online presence offline for eight hours.

"To reduce these risks, businesses need a unified DNS management platform," he said. "It allows you to see what's happening across all environments, reduce errors, and improve security."

The Risk of Inconsistent DNS Hygiene

Poor DNS management doesn't just lead to downtime - it can create serious security risks. One growing threat is the hijacking of cloud resources through forgotten DNS records.

"Sometimes cloud operations teams don't clean up after themselves," Liu said.

"They leave DNS records pointing to old cloud resources, like an alias to an S3 bucket in AWS. Hackers can take control of those abandoned resources and use them to impersonate a legitimate organisation."

Liu warned that such attacks can severely damage a company's reputation and pose a significant liability risk.

"Good DNS hygiene is critical," he said. "It's one of the messages we're trying to drive home."
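The hygiene check Liu describes amounts to comparing a zone's aliases against the cloud resources the organisation still owns. The following is an added example, not code from Infoblox or the article: the zone records, the inventory and all host names are constructed, and a real audit would load them from a zone export and the cloud providers' asset listings.

```python
# Added example: flag DNS aliases that outlived the cloud resource they point to.
# Suffixes that mark a CNAME target as a cloud-hosted resource (illustrative list).
CLOUD_SUFFIXES = (
    ".amazonaws.com",
    ".azurewebsites.net",
    ".blob.core.windows.net",
    ".storage.googleapis.com",
)

# Constructed sample zone export: (owner name, record type, record data).
SAMPLE_ZONE = [
    ("www.corp.example", "A", "192.0.2.10"),
    ("assets.corp.example", "CNAME", "corp-assets.s3.amazonaws.com."),
    ("promo2019.corp.example", "CNAME", "corp-promo-2019.s3.amazonaws.com."),
    ("portal.corp.example", "CNAME", "Corp-Portal.azurewebsites.net"),
    ("old-app.corp.example", "CNAME", "corp-legacy.azurewebsites.net."),
    ("mail.corp.example", "CNAME", "mx.partner.example."),
]

# Constructed inventory: cloud endpoints the organisation currently owns.
LIVE_RESOURCES = {
    "corp-assets.s3.amazonaws.com",
    "corp-portal.azurewebsites.net",
}


def canonical(host):
    """Lower-case and strip the trailing root dot so names compare equal."""
    return host.rstrip(".").lower()


def audit_zone(records, live_resources):
    """Return aliases to cloud endpoints that are absent from the inventory."""
    live = {canonical(h) for h in live_resources}
    findings = []
    for owner, rtype, rdata in records:
        if rtype.upper() != "CNAME":
            continue
        target = canonical(rdata)
        if not target.endswith(CLOUD_SUFFIXES):
            continue  # not a cloud-hosted target; out of scope for this check
        if target not in live:
            findings.append({"record": owner, "target": target})
    return findings


if __name__ == "__main__":
    for finding in audit_zone(SAMPLE_ZONE, LIVE_RESOURCES):
        print("stale alias:", finding["record"], "->", finding["target"])
```

Each finding is a record to delete or re-point before the name behind it can be claimed by someone else.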

The Future of DNS Security

Looking ahead, Liu hopes that protective DNS will become a standard security measure for all organisations.

"No one in their right mind would operate without a firewall. In the future, I want protective DNS to be just as essential," he said.

Infoblox is also leveraging AI and machine learning to enhance DNS security. "We process massive amounts of passive DNS data, using algorithms to detect patterns and predict threats before they happen," Liu explained.

"It allows us to block malicious domains before they've even been used in an attack."

With cyber threats evolving rapidly, Liu believes DNS will continue to be a frontline defence.

"We've been making this case for a long time, and we rarely encounter someone who disagrees. The question isn't whether protective DNS is necessary - it's how fast businesses will adopt it."

For Liu, the mission is clear: "Protective DNS is one of the most powerful tools in cybersecurity. We just need to make sure everyone knows it."