NSA Secure DNS Pilot Program Provides Assistance to Small and Mid-Sized Businesses
In a June 18th interview at the Defense One Tech Summit, head of the NSA cybersecurity directorate Anne Neuberger gave an exclusive interview in which she described a new NSA program to help defense contractors fight malware attacks. Neuberger said that the program being piloted, known as Secure DNS, could reduce the ability of 92% of malware attacks to successfully deploy malware on a given network. The program is intended to be particularly beneficial to small-to-medium sized companies that may not have their own resources to invest in enough cybersecurity infrastructure or cybersecurity personnel. The pilot program has currently been going on for about 6 weeks, and Neuberger said that the promising initial results could lead to upscaling the program across the DoD.
One way in which malicious actors can target the defense industrial base is through DNS attacks. The domain name system (DNS) is a database that maps domain names to localized IP addresses, allowing a user to access a part of a computer network. DNS attacks involve an outside user trying to gain access to the network in order to install malware or steal protected information. This can consist of making a fake login page that looks credible in order to get a user’s credentials and gain access to a secure network, as well as other common spoofing and phishing methods. These attacks can be particularly problematic within the defense-industrial base, where private companies have access to secure networks and information relating to national security. To stop secure information from getting compromised by DNS attacks on private defense-industrial firms, Secure DNS filters outside DNS requests so that attackers cannot access secure networks or “spoof” their IP address in order to compromise a DNS server related to the defense-industrial base.
While this does not entirely eliminate the threat of malware attacks on networks related to the defense-industrial base, Neuberger described the program as a cybersecurity jumpstart for the smaller firms that the program is intended for. Neuberger also laid out some of the next steps of the pilot, which were to identify a secure DNS service provider as well a set of standards for DNS security providers across the defense-industrial base. If upscaling occurs, this could eventually serve as a preventative measure to protect against DNS attacks across the larger defense-industrial base. It is also important to note that this is a policy designed to target a specific kind of attack rather than a set of cybersecurity standards and best practices.
While this program shows promise in protecting against DNS attacks on the defense-industrial base, programs such as the CMMC play a larger part in promoting a set of cybersecurity best practices that can be used for accreditation going forward. However, in the meantime, Secure DNS could stand to protect vast swaths of the smaller firms within the defense-industrial base from the threat posed by DNS cyberattacks.