The Cyber Security Agency’s (CSA) Singapore Computer Emergency Response Team (SingCert) has issued an alert on Thursday (15 Apr) following the discovery of multiple Domain Name System (DNS) implementation vulnerabilities that affected over 100 million devices.
“Security researchers have discovered multiple Domain Name System (DNS) implementation vulnerabilities in four popular TCP/IP network stacks,” it stated.
The vulnerabilities, dubbed as NAME:WRECK, affected over 100 million devices running on FreeBSD, IPnet, NetX and Nucleus NET stacks.
SingCert noted that vulnerable devices could be “subjected to either denial-of-service (DoS) or remote code-execution (RCE) attacks”.
While security patches have been released to address the vulnerabilities, it advised administrators of the affected stacks “to apply the patch immediately”.
However, if the patching is not available, SingCert recommended administrators enforcing segmentation controls and proper network hygiene measures.
It also suggested monitoring progressive patches released by affected device vendors, configure devices to rely on internal DNS servers, and monitor all network traffic for malicious packets.
Meanwhile, ST reported that many security researchers revealed the most affected organisations are in the healthcare and Government sectors. Other sectors include entertainment, retail, manufacturing, financial services and technology.
Speaking to Computer Weekly on Tuesday (13 Apr), Forescout Research Labs’ research manager Daniel dos Santos branded NAME:WRECK as “a significant and widespread set of vulnerabilities with the potential for large-scale disruption”.
“Complete protection against NAME:WRECK requires patching devices running the vulnerable versions of the IP stacks and so we encourage all organisations to make sure they have the most up-to-date patches for any devices running across these affected IP stacks.
“Unless urgent action is taken to adequately protect networks and the devices connected to them, it could be just a matter of time until these vulnerabilities are exploited, potentially resulting in major government data hacks, manufacturer disruption or hotel guest safety and security,” he noted.
