DeepSec 2019 Talk: Once upon a Time in the West — A Story on DNS Attacks — Valentina Palacín, Ruth Esmeralda Barbacil *

The Internet is the new frontier for some. So just like in Old West movies, we are going through a land riddled with well-known gunmen: OceanLotus, DNSpionage and OilRig, who roam at ease, while the security cowboys sleep. This presentation will uncover the toolset and techniques used by these gunmen, taking a closer look at their big guns and their behavioral patterns. We will explore the attacks involving DNS that took place during the last decade to examine the latest discovered techniques in order to improve detections to dodge the bullets they are firing in our direction.

We asked Valentina and Ruth a few more questions about their talk at the DeepSec conference. Please note that Valentine and Ruth will also speak the the DeepINTEL conference where you will get more in-depth information not suited for a public event.

Please tell us the top 5 facts about your talk.

1. DNS was not designed having in mind that some people was going to abuse the protocol in these ways.
2. This type of attack is carried out by intermediate, expert, advanced and strategic threat actors. There is no need of an spectacular level of expertise to be able to carry out a DNS attack.
3. The motivations behind this type of attack are changing. We have seen a shift from financially motivated attacks with a wide…