New DNS Attacks Lead to Emergency Directive by CISA

Today’s topics include new DNS attacks becoming more critical than ever, and Rancher Labs leading a K3S effort to minimize Kubernetes for the edge.

A new series of cyber-attacks that redirect traffic intended for specific websites by changing their DNS records has resulted in the first emergency directive by the Cybersecurity and Infrastructure Security Agency. This directive was followed in February by an alert by Internet Corporation for Assigned Names and Numbers of a growing effort by state-sponsored attackers to compromise the Domain Name System through attacks on top-level domains.

What this means to you is that the threat actor could change your organization’s DNS entry so that traffic to your internet addresses instead goes elsewhere. This redirection allows the bad actor to examine this traffic in detail, after which it may be copied before being sent back to your organization.

According to researchers at FireEye, the domain hijacking is being carried out by attackers in Iran. The Cybersecurity and Infrastructure Security Agency believes the DNS hijacking attacks will continue and be aimed against government and commercial interests in the United States and elsewhere.

On Feb. 26, Rancher Labs formally announced the launch of the open-source K3S effort that builds a lightweight implementation of Kubernetes that requires only a fraction of the storage and memory footprint of a regular Kubernetes installation.

Kubernetes is also often referred to as K8S, and K3S is all about being a smaller version that takes less than half the size.

According to Sheng Liang, co-founder and CEO of Rancher Labs, his company really has "two goals with K3S: make Kubernetes small and consume less memory, and the other is make it really dead simple to operate."

K3S is still in its early days, but Liang said that as it matures and stabilizes, he's hopeful Rancher Labs will offer a commercially supported implementation.