Driving a secure future for the transport sector with DNS-based security

13th March 2019

Simon Whitburn
Senior Vice President Cyber Security Services

Organisations operating in transportation and logistics are hard to pin down. They could be multi-national haulage firms; operators of trains, buses or airlines; local authorities and government agencies; airport owners; or many other stakeholders. Yet despite their diversity, they’re all looking to drive efficiencies, reduce costs and improve passenger experiences through digital transformation.

There’s just one problem: this hi-tech push could open the door to greater cyber risk. The good news is that DNS-based security can tackle many of the challenges that cripple businesses daily and new ones that emerge at the speed of the cyber criminal.

Going digital

The drive to embrace all things digital covers everything from mobile ticketing and boarding passes, to highly automated supply chains, and even IoT sensors that help to load shipping containers at the docks. It’s part of a much-needed effort to become more efficient and reduce costs, whilst improving resilience and safety and meeting rising customer expectations.

Although the sector is investing relatively generously in cyber security versus other verticals, only 23% of businesses polled by the government in 2017 said it is a very high priority for senior managers and directors, with the figure rising only slightly to 30% for core staff. You don’t have to look far to see the potential impact of cyber threats on the sector. Maersk and FedEx lost hundreds of millions of pounds to the infamous NotPetya ransomware worm in 2017. In 2018, British Airways became a victim of digital skimming code on its website and app which compromised the card data over 420,000 customers.

In short, cyber attacks can damage key assets, compromise IP and customer data and lead to major service outages — all of which can impact the bottom line, customer loyalty and brand reputation. They could even endanger passengers or employees in the future if key operational technology systems are hijacked and sabotaged. That’s bad news on a number of fronts, but also exposes transportation organisations to regulatory risk if customer data is stolen (GDPR) or there’s a more serious security breach (NIS Directive).

Time to hit back

Fortunately, DNS can play a major role in helping transport firms regain the initiative. As a key part of any organisation’s IT infrastructure you rely on it daily for your business operations. It converts domain names to IP addresses so employees can access websites and apps, and external users can find your organisation online. But it was not built with security in mind. Multiple vulnerabilities stemming from its open architecture can make DNS a popular target for attackers. This is also helped by the fact that many IT departments set their firewalls to whitelist DNS traffic.

That’s why, according to the National Cyber Security Centre (NCSC), DNS is used at some point in nearly all attacks. It can be used as a channel to smuggle stolen data out of the organisation, leaving a big hole in your data loss prevention strategy. It can be used by hackers to communicate with infected machines on your network. Or DNS servers themselves can be hijacked to direct users to phishing and malicious websites.

But with the right know-how, organisations can turn the DNS to their advantage. Nominet has been running protected DNS for critical infrastructure in the form of the .uk registry for two decades now. As such, we’re compliant with the NIS Directive and understand what is needed to protect critical infrastructure.

Our NTX platform can spot the tell-tale signs of malicious code hidden in large volumes of legitimate DNS traffic. That allows organisations to spot the early warning signs of an attack, block malicious activity instantly and clean up any infected machines. Available in two offerings — the cloud-based NTXprotect and a fully managed service (NTXsecure) — it protects against command-and-control malware, phishing, botnets, cryptomining, data exfiltration and more; all without impacting performance.

Cyber Security in the Transport and Logistics Industry

Download Whitepaper