• Platformchevron right
  • Solutionschevron right
  • Modern NDRchevron right
  • Resourceschevron right
  • Companychevron right

White Paper

Taxonomy of SolarWinds SUNBURST DNS Abuse Tactics

Download the white paper
Extrahop resources covering topics about cybersecurity
Taxonomy of SolarWinds SUNBURST DNS Abuse Tactics

This report details a critical technique used in the SUNBURST attack to evade detection: hiding command-and-control traffic by taking advantage of known weaknesses with enterprise domain name systems (DNS). DNS is a popular attack vector both because of its ubiquity and its noisiness. The sheer volume of DNS queries make it extremely difficult to monitor and secure.