There are no silver bullets in cybersecurity. However, there are some key choke points — places where cybersecurity technologies can have a disproportionate impact.
The Domain Name System, or DNS, is one of those choke points. For example, a Cisco report, which analyzed data from all kinds of malware, found that 91 percent of malicious software used DNS to communicate with control servers, exfiltrate data from targets, or receive new commands. That’s why Congress mandated that the Cybersecurity and Infrastructure Security Agency, or CISA, deploy innovative network protection services that federal agencies and other enterprises must leverage. The Protective DNS Service is the latest addition to these services - it secures federal agency DNS traffic and thwarts the vast majority of cyberattacks before they can even get launched.
<<< Start >>>
The Protective DNS Service secures federal agency DNS traffic and thwarts the vast majority of cyberattacks before they can even get launched.
<<< End >>>
Think of DNS as the phone directory for the internet, essential to the operation of web browsers, email, and many other internet services. When you type a domain name, like Accenture.com, into the address bar of your browser, or click on a link, DNS translates that into a numerical IP address, finding the internet-connected server which hosts that domain — a process called resolving a DNS query.
Once a DNS query is resolved, a connection is established that can be used to download malware or exfiltrate data. Cyberattacks like malware or phishing emails use DNS to find the malicious websites they must communicate with to download their payloads and compromise the targeted device.
Ransomware also uses DNS, both as an attack vector for phishing emails to gain initial access to a compromised device, and to establish communication between that device and hacker-controlled servers, so that malicious software can be downloaded.
Thwarting attacks for the federal government
Through the Protective DNS contract award, Accenture Federal Services is building a Protective DNS Service for the federal government to block the vast majority of DNS-based attacks, protecting the .gov domain across millions of devices – not just PCs on agency networks but also mobile and nomadic devices connecting over untrusted networks.
At a high level, the Protective DNS Service identifies untrusted domains, not by using a static blacklist, but by analyzing data about the domain from threat intelligence feeds and using behavioral algorithms. DNS queries to untrusted domains won’t resolve and no connection will be established. They’ll be blocked, diverted or sinkholed. The service has been designed to successfully block DNS-based attacks for all government devices.
The keys to that success include our embedded Accenture Federal Digital Studio team and our best-in-class data and AI/ML services, as well as Cloudflare’s zero trust services.
<<< Start >>>
<<< End >>>
The integration of cyber threat intelligence with advanced data analytics helps to identify untrustworthy domains and develop policies to power the service. Furthermore, we built the solution in the AWS GovCloud to deliver the scalability and extensibility that federal agencies require.
We are proud to bring the best of Accenture in delivering such a critical government-wide program.