NSA, Homeland Security Push Service to Mitigate Cyber-Attacks
- Protective DNS would block known malware, aid breach response
- Similar system in U.K. blocked millions of suspect connections
Photographer: Oliver Nicolaas Ponder/EyeEm/Getty Images
As the U.S. reels from major cyber-attacks by suspected Russian and Chinese hackers, officials are looking to implement new technologies that would allow the federal government to respond more effectively.
The National Security Agency and the Department of Homeland Security believe they have part of the answer within the Domain Name System, or DNS, often referred to as the phone book of the internet. They are encouraging government agencies and high-risk companies to embrace a system known as Protective DNS, in which a private security firm would monitor and filter web traffic.
The payoff could be enormous, officials say. PDNS blocked connections to malicious websites millions of times in a recent test involving five U.S. defense contractors. After it was installed in the U.K., the system blocked nearly 60 million connections to suspect sites in 2018 alone, including 450,000 related to the infamous WannaCry strain of ransomware, according to a report issued by the National Cyber Security Centre.