Michael Duffy on Agencies’ Compliance With DHS Directive on DNS Tampering Campaign

Michael Duffy of the Department of Homeland Security said there are only “a handful” of agencies that still need to comply with the requirements of an emergency directive that DHS released in January to address Domain Name System tampering activities, FCW reported Friday.

Duffy, acting deputy director of DHS’ federal network resilience division, said during a Thursday meeting of the Information Security and Privacy Advisory Board that those agencies deal with "external dependencies" on DNS providers that make the process challenging to adopt multifactor authentication. DHS believes no agencies were directly impacted by the DNS hijacking campaign.

The department’s Cybersecurity and Infrastructure Security Agency is requesting $4.4 million in fiscal 2020 funds for a DNS name resolution service and Duffy explained how that service could help in the early detection of agency domain tampering attempts.

"One of the things I mentioned [in the briefing] is that we didn't have the visibility that would have been beneficial to know what was happening, so this service would sit on top of traditional DNS and give us that level of visibility of the DNS traffic and where it's moving,” Duffy said.

Check Also


FireEye to Provide Cybersecurity Defenses to Texas DIR; Pat Sheridan Quoted

FireEye, Inc. has announced that it will offer cyber security defenses to Texas public sector agencies, under Texas Department of Information Resources (DIR), the company reported on Thursday. Through the end of 2020, FireEye security products and Mandiant Solutions services will be available to all Texas agencies, county governments, cities and school districts through DIR’s Bulk Purchase Initiative for Endpoint Detection and Response (EDR) solutions.