Popular Enterprise IoT's Still At Risk To 10 Year-Old, Unpatched DNS Flaw

Published: July 16, 2022 on our newsletter Security Fraud News & Alerts Newsletter.



The IoT (Internet of Things) is the entire world of devices and all things technology that touch the internet. With everything we do online, from businesses to smart homes to smart phones, it’s impossible to use technology and not be part of the IoT. It’s a remarkable thing, but when attackers strike even the smallest part, it can reverberate everywhere – and not in a good way.


Business leaders and everyday users alike need a reminder of a highly active domain name system (DNS) and router flaw that, ten years later, remains unpatched. Because this vulnerability still threatens widely used, popular domain name systems and routers that many organizations rely on, it’s serious business. Just a few of the affected IoT devices include Linksys, Netgear, and Linux products.


Is Your DNS Poisoned?


Techopedia defines this poisoning attack as “a process by which DNS server records are illegitimately modified to replace a website address with a different address. DNS cache poisoning is used by hackers and crackers to redirect visitors of a particular website to their defined/desired website.” DNS poisoning is also known as DNS spoofing, DNS hijacking, and copycat websites, among others.


According to Nozomi, “The attacker could then steal and/or manipulate information transmitted by users, and perform other attacks against those devices to completely compromise them…” That can spell “The End” for some businesses, especially small-to-medium-sized businesses (SMBs), which face a 60% chance of shutting their doors within six months of a cyberattack.



For enterprise and individual users, any data entered on the spoofed web page is now the bad actor’s stolen property. Those providing the data and PII are none the wiser that it’s not the intended, legitimate web page. The hijacked data can be used to support further devastating attacks or sold on hacker forums.


Patch Flaws Pronto!


Nozomi researchers draw comparisons between the enormous scope of this DNS flaw and that of Apache Log4j, the open-source framework found in a myriad of Java apps. Although a patch does exist for Apache Log4j, it’s seriously under-applied. Those who don’t apply the patch continue to be at risk of being exploited, putting millions of Java users in harm’s way. That’s why it’s so critical to apply a security patch as soon as it’s available.


For now, Nozomi says, “This vulnerability remains unpatched, however we are working with the maintainer of the library and the broader community in support of finding a solution…” Let’s hope that security pros are listening to the call for assistance and finally create a sorely needed patch for this DNS flaw.


In the meantime, as internet users, it’s important to stay on top of the current attacks and how to avoid them. How can you do this? Primarily, watch for phishing attacks. Since this issue can use spoofed websites, be sure you check and recheck URL addresses before entering any sensitive information. Also, be sure to avoid clicking links or attachments that are unexpected or are from unknown senders. Keep antivirus installed on all devices and keep it updated. Use strong passwords that are at least eight characters and are unique to each and every website you use. Last, but certainly not least, change default passwords on any hardware device, such as routers, as soon as they are installed. While you’re at it, update those devices before actively using them.

