The U.S. Department of Homeland Security (DHS) on Tuesday issued an emergency directive instructing federal agencies to prevent and respond to DNS hijacking attacks.
The DHS’s Cybersecurity and Infrastructure Security Agency (CISA) has been tracking incidents involving DNS hijacking and claims to be aware of multiple executive branch agency domains hit by such attacks. In response to the threat, CISA has issued Emergency Directive 19-01, “Mitigate DNS Infrastructure Tampering.”
Federal agencies have been given 10 days to check public DNS records for all .gov and other domains they manage to ensure that they have not been tampered with. This includes Address (A), Mail Exchanger (MX), and Name Server (NS) records.
