Cybersecurity Threat: DNS Hijacking and DNS Poisoning

Understanding the risk of DNS hijacking and robust, low-cost mitigation solutions.

What is DNS Hijacking or DNS Poisoning

Threat assessment

DNS hijacking is a cybersecurity threat where an attacker hijacks or gains control of traffic to your domain name and is able to divert visitors to a website or page of their own choice. Visitors may not realize that the domain has been hijacked, especially as the redirect destination is often an impersonation of the attacked property, that is used for fraud.

Potential impacts

Visitors to a domain that is subject to a DNS hijack could be redirected to a website that impersonates the original website and collects credentials, payment data and other sensitive information. It could also be used to sell counterfeit items or download malware leading to reputation loss for the legitimate owner of the domain name.

Get in touch with our Domain Name & Enterprise digital security experts

Improve your security posture, implement active monitoring and build resiliency

Get Started

proactive risk mitigation

Prevent DNS Hijacking

Implementing DNSSEC is the most effective preventive measure against DNS hijacking or poisoning. DNSSEC authenticates DNS data and when combined with a secure domain registrar account that includes IP whitelabeling and multi-factor authentication is the best defense against this type of cybersecurity risk.

reactive risk mitigation

Recover from DNS Hijacking

Detecting an attack of this nature is inherently tricky due to delays and inconsistencies in DNS propagation. Monitor server and website traffic for unexpected spikes or drops, and set up automated alerts for DNS changes. The next step is to take back control, audit usage history and communicate remedies.