The Case of LeaseWeb DNS Hijacking and How Prestige Technologies Avoid It
A little over a year ago, web hosting provider LeaseWeb became the victim of a DNS hijacking attack that led to their main site being defaced. Or rather, their site’s URL was redirected to another page containing a message from the hackers, stating “what are you is a hosting company with no security” and “we owned all of your hosted sites.”
Thankfully, customers of LeaseWeb were spared, as the hackers were only interested in mischief. No customer data was compromised. However, the hacking attempt was a PR disaster for LeaseWeb. It’s hard to imagine that existing and potential customers will not have misgivings over their website’s security if hosted on LeaseWeb.
What is DNS Hijacking?
Basically, DNS hijacking is when hackers gain access to the domain control panel and change its settings so that the domain name points to a different server. For example, if the domain xyz.com normally directs to web server A, a hacker who manages to access the domain control panel for xyz.com can redirect it to web server B.
The danger of DNS hijacking goes beyond simply making a website lose its visitors. Now that a hacker can point the traffic to any server he likes, he can point it to a competitor’s site, or to a site with misinformation, or worse, a site that hosts malware. Of course, as in the case of LeaseWeb, there’s also the very real danger of making companies lose the confidence of their userbase. It can be very difficult to recover from the damage an incident like that can do to their brand image.
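A redirection like the xyz.com example above shows up as a change in the domain's published records, so a defender can compare what resolvers return against a known-good baseline. The following is an added example, not code from Prestige Technologies or LeaseWeb; the baseline, name server names, and addresses are constructed, and `check_domain` is a hypothetical helper.

```python
# Constructed known-good records for the article's xyz.com example
# (name servers and documentation-range addresses are assumptions).
BASELINE = {
    "xyz.com": {
        "NS": {"ns1.server-a.example", "ns2.server-a.example"},
        "A": {"192.0.2.10"},
    }
}

def _norm(values):
    # DNS names are case-insensitive and may carry a trailing root dot.
    return {v.strip().lower().rstrip(".") for v in values}

def check_domain(domain, observed, baseline=BASELINE):
    """Return a list of (severity, record_type, added, removed) findings.

    `observed` maps record type -> iterable of values, as collected from
    a resolver query made outside this function.
    """
    expected = baseline.get(domain.strip().lower().rstrip("."))
    if expected is None:
        return [("unknown", "*", set(), set())]
    findings = []
    for rtype in sorted(expected):
        want = _norm(expected[rtype])
        got = _norm(observed.get(rtype, ()))
        added, removed = got - want, want - got
        if not added and not removed:
            continue
        # A changed delegation (NS), or an answer set sharing nothing with
        # the baseline, matches the "now points to server B" scenario.
        critical = rtype == "NS" or not (got & want)
        findings.append(("critical" if critical else "warning",
                         rtype, added, removed))
    return findings

# Constructed observations: unchanged, fully redirected, and partly changed.
CLEAN = {"NS": ["NS1.server-a.example.", "ns2.server-a.example."],
         "A": ["192.0.2.10"]}
HIJACKED = {"NS": ["ns1.server-b.example."], "A": ["203.0.113.66"]}
PARTIAL = {"NS": ["ns1.server-a.example", "ns2.server-a.example"],
           "A": ["192.0.2.10", "198.51.100.7"]}

if __name__ == "__main__":
    for label, obs in (("clean", CLEAN), ("hijacked", HIJACKED),
                       ("partial", PARTIAL)):
        print(label, check_domain("xyz.com", obs))
```

Any finding still needs to be checked against planned changes, since a legitimate migration produces the same drift.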
How Prestige Technologies Avoids DNS Hijacking
Of course, being a web hosting provider, Prestige Technologies makes security a top priority, and there are several things that help us avoid cases of DNS Hijacking and protect our customers from being compromised.
Many cases of DNS hijacking didn’t come from exploits or bugs present in code, but were made possible by phishing. No company that has been successfully hacked has openly admitted to it, but a lot of cases came from company executives and managers falling victim to phishing emails. A hacker who manages to get the account details of, say, a CEO will practically have the keys to the proverbial kingdom, no matter how up to date and tight the security is on the server.
At Prestige Technologies, all of the people in our company who have email access, even if they don’t have administrator access, are trained on proper usage and security measures. Additionally, the work email addresses are not used for personal matters and socialization, ensuring that they won’t fall prey to phishing scams and social engineering.
On the technical side, Prestige Technologies is staffed by people who are on call and the servers are monitored 24/7, with upgrades and patches made as soon as they are necessary in order to ensure that no new exploits or vulnerabilities will catch us off-guard. Our security, in terms of both company policies and infrastructure, is robust.
How Prestige Technologies’ Users Can Protect Themselves From DNS Hijacking
Lastly, it is important to remember that in any industry, a service provider can only do so much to protect its customers. They can’t do anything if the weak link is poor practices or negligence on the part of the customer. In order to avoid DNS Hijacking, Prestige Technologies recommends the following for its customers:
The most important thing to remember is that the key to DNS hijacking is for hackers to gain access to the administrative account, which is done through either phishing or malware infestation. Users should follow best practices in protecting themselves from these types of attacks.
It is also recommended to use the “private registration” option, or WHOIS masking, so that personal details such as name, address, phone and administrative email address are all hidden from prying eyes. Generally, this is the first place that hackers look if they are targeting a website.