• Platformchevron right
  • Solutionschevron right
  • Modern NDRchevron right
  • Companychevron right

whitepaper

Taxonomy of SolarWinds SUNBURST DNS Abuse Tactics

Download the whitepaper
Extrahop resources covering topics about cybersecurity
Taxonomy of SolarWinds SUNBURST DNS Abuse Tactics

This report details a critical technique used in the SUNBURST attack to evade detection: hiding command-and-control traffic by taking advantage of known weaknesses with enterprise domain name systems (DNS). DNS is a popular attack vector both because of its ubiquity and its noisiness. The sheer volume of DNS queries make it extremely difficult to monitor and secure.