The Department of Homeland Security states that some agencies are being targeted by specific attacks that modify the Domain Name System Records, which critical function of the processes to locate websites.
DHS issued an emergency statement giving government agencies 10 days to verify that their DNS records are accurate. There has been a series of incidents where email and website traffic has been redirected.
The DHS’s Cyber Security Team said it “is aware of multiple executive branch agency domains that were impacted by the tampering campaign and has notified the agencies that maintain them,” .
Cyber attacks that target DNS systems can be quite powerful. By modifying a DNS record it can allow an attacker to see traffic flowing to a website or service. They can also craft effective phishing attacks to collect login username and passwords for anything. Hackers can also set a different IP address for the domain and nearly all end users would fall for this scan not knowing the difference. Even if the domain name is typed correctly in a browser, the end user would be sent to a phishing website that may look completely legitimate, especially with a freshly generated TLS/SSL certificate which can be generated for free now.