Does your cybersecurity provider protect your organisation against ‘fast flux’?
Today, in collaboration with our international partners, we have released a new advisory about the ongoing threat of ‘fast flux’ techniques used by a Bulletproof Hosting Provider (BPH). BPHs use fast flux to disseminate malware and undertake phishing on behalf of cybercriminals.
Fast flux is a domain-based technique used by malicious cyber actors, characterised by rapidly changing the Domain Name System (DNS) records (such as IP addresses) associated with a single domain. The approach allows BPHs to cycle quickly through bots and DNS records to bypass detection by network defenders and law enforcement agencies.
You can mitigate the risks associated with fast flux and maintain a secure environment by using a reputable Protective DNS (PDNS) provider that detects and blocks fast flux. Providers should track, share information about, and block fast flux as part of their provided cybersecurity services. Some providers may detect and block fast flux automatically, but many may not. To ensure optimal protection, we encourage you to contact your provider to validate their coverage against fast flux.
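The rotation described above can be seen in resolver logs. The following is an added example, not code from the advisory or from any provider: a minimal check that flags domains whose answers cycle through many IP addresses on different networks with short TTLs. The log format, sample records and thresholds are all assumptions made for illustration.

```python
from collections import defaultdict
from ipaddress import ip_address

# Constructed sample of DNS A-record answers: (unix_time, domain, ip, ttl_seconds).
# Domains and addresses use reserved documentation ranges; none are real indicators.
SAMPLE_ANSWERS = [
    (0,   "intranet.example", "192.0.2.10", 3600),
    (900, "intranet.example", "192.0.2.10", 3600),
    (0,   "flux.example", "198.51.100.7", 60),
    (120, "flux.example", "203.0.113.44", 60),
    (240, "flux.example", "192.0.2.201", 60),
    (360, "flux.example", "198.51.100.93", 60),
    (480, "flux.example", "203.0.113.150", 60),
    (0,   "shortttl.example", "192.0.2.55", 30),
    (300, "shortttl.example", "192.0.2.55", 30),
]

# Illustrative thresholds (assumptions, not taken from the advisory).
WINDOW_SECONDS = 3600
MIN_DISTINCT_IPS = 5
MAX_TTL_SECONDS = 300
MIN_DISTINCT_NETWORKS = 3

def network_24(ip):
    """Collapse an IPv4 address to its /24 so neighbouring hosts count once."""
    return int(ip_address(ip)) >> 8

def flag_fast_flux(answers, now):
    """Return domains whose recent answers rotate across many IPs with short TTLs."""
    per_domain = defaultdict(list)
    for ts, domain, ip, ttl in answers:
        if now - WINDOW_SECONDS <= ts <= now:
            per_domain[domain].append((ip, ttl))
    flagged = {}
    for domain, seen in per_domain.items():
        ips = {ip for ip, _ in seen}
        nets = {network_24(ip) for ip in ips}
        max_ttl = max(ttl for _, ttl in seen)
        if (len(ips) >= MIN_DISTINCT_IPS and len(nets) >= MIN_DISTINCT_NETWORKS
                and max_ttl <= MAX_TTL_SECONDS):
            flagged[domain] = {"distinct_ips": len(ips), "networks": len(nets),
                               "max_ttl": max_ttl}
    return flagged

if __name__ == "__main__":
    print(flag_fast_flux(SAMPLE_ANSWERS, now=900))
```

Content delivery networks and load balancers can show the same pattern, so a flagged domain is a lead for review rather than a verdict.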
Read the advisory and find out more to protect yourself from fast flux.
You can also find out more about how BPHs operate by reading our joint publication with the Australian Federal Police.