Government-wide DNS security strengthens Australia’s cyberdefence

AUPDNS helped protect this year’s online Census by blocking requests for known malicious servers.

domain name system dns security data center lock icann
Imaginima / Getty Images

Australian government agencies now have access to a purpose-built domain name service (DNS) security platform that has been credited with preventing more than 10,000 cyberattacks during the government’s recent successful online census.

Available for free to Commonwealth, state, and territory government agencies performing “critical services for Australians”, the Australian Protective Domain Name Service (AUPDNS) checks incoming and outgoing network traffic against a blacklist of known high-risk websites, malware command-and-control (C&C) servers, email servers, and other systems.

By checking domain name requests across participating agencies when they are resolved in the DNS system, AUPDNS can flag and stop malicious traffic that might otherwise have been routed through to its destination.

“A single malicious connection could result in a government network being vulnerable to attack or compromise, so it’s vital we do everything we can to prevent cybercriminals from gaining a foothold,” said Andrew Hastie, the assistant minister for defence, in announcing the system’s general availability.

The system follows on from a pilot Protective Domain Name System (PDNS) program that last year blocked over 150,000 “threat events”, according to the Australian Cyber Security Centre (ACSC), which has spearheaded the Harden Government IT (HGIT) initiative established under the country’s Cyber Security Strategy 2020.

To continue reading this article register now

Microsoft's very bad year for security: A timeline