Personal and corporate security are under a microscope these days. Hacker attacks have led to major breaches in the corporate sector: Home Depot, Target, Kmart, JPMorgan Chase, Sony Pictures, and other companies have had massive amounts of user data stolen. That stolen data is used by criminals to phish the users by using the stolen data to craft convincing email that carries malware designed to steal financial data from those users.
We can train people all day to be wary of emails, but the more data the attacker has on the user, the harder it is is to distinguish a real message from a phishing attack. Fortunately, we now have the technology and tools needed to detect and blunt phishing attacks sooner.
Signature-based products like firewall and endpoint defenses are critical to blocking or containing phishing attacks. But you might be missing a crucial element at a different layer of your security defenses: OpenDNS.
The next layer to your security solution should be focused at the DNS level. OpenDNS, a technology that’s already used extensively, has introduced a new tactic to better thwart phishing attacks: The company behind OpenDNS, also called OpenDNS, says it has create a "secret sauce" of big data analytics to predict in advance where phishing attacks are going to happen and block them automatically.
If that sounds a little like "Minority Report"-style futurism, keep in mind, I'm not talking about a replacement for traditional tools -- OpenDNS is an additional layer of defense.
I’ve been a fan of OpenDNS for quite some time. I first noticed it in routers as a form of parental protection a few years back. I’ve used it in my home ever since. It’s a free service (though I pay a small fee for the enhanced features like stats and support) that filters content by blocking it at the source: at the DNS side. It's brilliantly simple and a fantastic way to protect every Internet-connected device in my home.
But OpenDNS is much, much more than a parental-control filtering tool.
OpenDNS has an enterprise security side that draws upon extensive visibility into Internet traffic to predict, protect against, and prevent attacks. OpenDNS’s OpenDNS Graph capability has data on about 2 percent of Internet requests, covering 50 million active users daily across 160 countries with 50 billion daily Internet requests. That may not sound like a lot, but it's a tremendous amount of data to analyze for threat intelligence via machine learning.
As a result, to cite one example, OpenDNS can see trends of bots calling home, then block them regardless of port, protocol, or app used. Even if a phishing attack evaded your malware filters -- or if a user is on a home network without such sophisticated filters -- and fooled a user into opening an email and clicking a link to a phishing site, OpenDNS could prevent the phishing site from loading.
When it comes to security, we need to be vigilant on multiple fronts, of which DNS has been largely ignored. It's time to change that, especially now that the power of big data analytics is being applied to threat detection.