When the Internet stumbles: Why DNS is important
Last week's massive AWS outage was a reminder that the modern Internet - an ecosystem of billions of connections, services and devices - still depends on a handful of silent, foundational systems. At the top of that list is the Domain Name System (DNS), the essential layer that translates human-readable names into machine-readable addresses. If DNS falters, everything that is built on it will also fail.
Robert Frank, Area Vice President Central Europe at DigiCert
When the AWS US-East-1 region went down, many organizations not only couldn't process requests, they couldn't even report their outages. Without working DNS resolution, systems couldn't find their monitoring or incident reporting endpoints. The event underscored a truth that security experts already know: DNS is not optional "plumbing"; it's the connective tissue of modern cloud-based applications.
A brief introduction: How DNS works
Every digital interaction, from sending an email to launching an app, starts with a DNS lookup. When you type PetStore.com into your browser, your device sends a request to translate that domain name into the appropriate IP address so it knows which server to contact. This process involves two different but complementary systems: recursive DNS and authoritative DNS.
Recursive DNS servers act on behalf of the user. They receive the original request, check cached results and, if necessary, contact other DNS servers, such as an upstream recursive server or authoritative servers, to find the correct IP address. These resolvers are typically operated by a local network administrator, internet service providers (ISPs), cloud platforms or specialized DNS providers. Recursive DNS is what most people interact with - indirectly - every time they go online.
Authoritative DNS, on the other hand, provides the definitive answer for a zone or domain in a tree hierarchy below the "root" servers and top-level domains such as .com, .org or .de. These servers are maintained by domain owners or DNS providers and contain the official records - A, AAAA, MX, TXT, CNAME - that define where traffic should be directed. When a user asks a recursive resolver, "Where is PetStore.com?", the recursive server queries the hierarchy of authoritative DNS servers, which provide an answer for the part of the tree for which they are authoritative (responsible).
Both are critical, but they fulfill very different roles. The AWS incident showed what happens when one side - the recursive layer - fails.
Read more with free registration
Register now for free and get full access to all exclusive articles from GIT SECURITY.
With our newsletter we regularly send you top news from the security industry as well as the latest e-issue.
Business Partner
DigiCert Inc.
US
most read
Liverpool Heart and Chest Hospital Transforms Security with Verkada’s Hybrid Cloud Technology
NHS Trust boosts safety and efficiency with Verkada’s cloud-managed cameras and AI-powered incident response
Sicurezza 2025: A Post-Show Review
Sicurezza 2025 Closes on a High Note: Innovation and Sustainability at the Heart of the Built Environment
Security management, building security & perimeter protection: the winners of category E at the GIT SECURITY AWARD 2026
GIT SECURITY AWARD 2026: Security management, building security & perimeter protection - an overview of the most innovative solutions
Is Your Venue Ready for Martyn’s Law?
Martyn’s Law demands stronger security by 2027. Is your venue prepared to protect and respond?
Integrated and Futureproof: Traka’s Next Chapter
Interview with Stefni Oliver on Traka’s Vision for the Future