We rely on law enforcement to be our first-line of defence against criminals online and offline. Yet, most law enforcement agencies remain vulnerable to cyber attacks.
Municipalities, power grids and hospitals have all fallen victim to malicious online actors looking to score propaganda points. Due to their profile, law enforcement agencies are also obvious targets for hackers and cyber criminals.
I find it troubling that many police forces do not take simple steps to protect themselves online. The place to start is through the Domain Name System (DNS) server, where the most common form of attack hits. The DNS is often forgotten in cyber security strategies even though DNS security solutions are exceptionally affordable and easy to deploy.
Think of the DNS as the Achilles heel of the Internet. Everything is great when it is working, but the DNS is vulnerable to power and network outages. When your DNS goes down, your website, web applications, email, and web services all fail.
This can be embarrassing for any organization, but it becomes dangerous in law enforcement scenarios. A cyber attack on DNS could impact crime reports, investigations and external communications.
It’s time for Canada’s law enforcement community to step up their security online. I’ve provided four key ways for law enforcement agencies to improve their cyber security:
- Test your DNS: CIRA offers a simple test to find critical errors in your DNS configuration. The test takes about 60 seconds and can be accessed for free at dnstests.cira.ca.
- Use an Anycast DNS service: Some legacy web architectures use what is called a unicast DNS. These services offer little redundancy and leave the DNS extremely vulnerable to DDoS attack. Ensure you have an Anycast DNS solution that can withstand attacks and keep services online. Full disclosure, CIRA has a secondary service called D-Zone Anycast DNS, but there are others in the field. Find one that suits your organization’s needs.
- Confirm the DNS is properly configured and includes a primary and secondary: Redundancy is important when setting up a world-class DNS configuration, and administrators should confirm that their DNS settings are configured correctly. In testing, CIRA found Canada’s DNS availability is startlingly poor, with a lack of redundancy and configuration errors causing 93 per cent of DNS servers in Canada to miss queries over a six month period. For lesser-known websites this may not be an issue, but misconfigurations could leave law enforcement open to attack.
- Use a domain locking service: Any .CA domain can be locked with CIRA to prevent unauthorized changes to the domain settings. This prevents malicious actors from redirecting a domain to a new site with damaging information, a common form of cyber-attack. In 2015, the City of Ottawa’s website was redirected to an image of a dancing banana. ISIS sympathizers have also used this tactic to redirect pages to ISIS propaganda.
As cyber attacks become more common, it is important that our law enforcement protects their online services. A properly configured and redundant DNS is a solid first step to a more secure Canadian Internet.