What is a Data Exfiltration?

Data exfiltration (aka “data extrusion”) is the unauthorized transfer of data from a computer. The transfer of data can be manual by someone with physical access to the computer or automated, carried out through malware over a network.

A recent DNS security survey revealed that 46 percent of the respondents had been victims of data exfiltration and 45 percent had been subject to DNS tunneling—often used as a method of exfiltrating data—through DNS port 53. With hackers using DNS to circumvent next-generation firewalls, IDSs, and IPSs, security teams need to shift their focus to DNS—a pathway which is often left open but can be used as an ideal point for blocking data exfiltration attempts.

DNS threat analytics can detect and automatically blocks data exfiltration attempts via DNS—without the need for endpoint agents or additional network infrastructure. A DNS threat analytics solution should offer unique streaming analytics technology for real-time detection, active blocking, and visibility into infected devices and rogue employees.

LEARN MORE ABOUT Data exfiltration AND RELATED TECHNOLOGIES

• SANS 2023 Survey: Visibility and Attack Surface – White Paper
• Preventing DNS-based Data Exfiltration – Solution Note
  

FROM THE INFOBLOX COMMUNITY

• DNS Data Exfiltration – How it works
• Prevent DNS-Based Data Exfiltration with Infoblox DNS Threat Analytics
• Fighting Point-of-Sale (POS) Malware by Using DNS