Michael Duffy of the Department of Homeland Security said there are only “a handful” of agencies that still need to comply with the requirements of an emergency directive that DHS released in January to address Domain Name System tampering activities, FCW reported Friday.
Duffy, acting deputy director of DHS’ federal network resilience division, said during a Thursday meeting of the Information Security and Privacy Advisory Board that those agencies deal with "external dependencies" on DNS providers that make the process challenging to adopt multifactor authentication. DHS believes no agencies were directly impacted by the DNS hijacking campaign.
The department’s Cybersecurity and Infrastructure Security Agency is requesting $4.4 million in fiscal 2020 funds for a DNS name resolution service and Duffy explained how that service could help in the early detection of agency domain tampering attempts.
"One of the things I mentioned [in the briefing] is that we didn't have the visibility that would have been beneficial to know what was happening, so this service would sit on top of traditional DNS and give us that level of visibility of the DNS traffic and where it's moving,” Duffy said.