Reducing Malicious Activities With Domain Interdiction



As the world becomes more reliant on the Internet for personal communication and global trade, the threat of cyber crime has increased dramatically. The actors behind it include world intelligence organizations, cyber criminals looking to steal personal information, and malicious actors operating for fun around the world. Our communications about and knowledge of Internet-based threats need to become broader and more technical in order to safely traverse the global domain.

To do this, users need to understand the possible attack vectors used by cyber actors and how their devices connect to global infrastructure. Additionally, users must be able to conduct their own analysis on their devices, even at a high level, to ensure their systems haven't been compromised. A key component of this analysis is looking at the DNS requests sent from a user's device to a public DNS server.

"In a mock phishing scenario conducted between March and May, the New York CSCIC sent spoofed e-mails to about 10,000 employees across five state agencies, trying to trick users into surrendering their passwords. More than 75% of the recipients opened the e-mail, 17% followed the link, and 15% attempted to enter their passwords." (Jaikumar, 2005).

In this WebQuest, we walked the viewer through the DNS process and provided a high-level overview of how a spear-phishing attack could be conducted. This will better enable the user to distinguish normal DNS requests from those made by malicious software. It also provided a recommendation for a global, coordinated effort that public DNS servers could undertake to help combat malicious cyber activities.

