Speakers:
Peter LaMantia, CEO of Authentic Web
Sean (CTO, Authentic Web)
Introduction
Peter:
Welcome everyone, and thank you for taking the time to join us.
In the next 30 minutes, we’ll share critical findings from our external DNS security audit of the healthcare industry.
What we’ll reveal today exposes significant vulnerabilities—issues not only limited to healthcare but present across every industry, including your own.
By understanding these risks, you’ll gain valuable insight to strengthen your company’s digital defenses and protect your customers. Whether you’re in healthcare or another sector, this session will be both eye‑opening and actionable, helping your teams build stronger network security.
Before we begin, a quick introduction. I’m Peter LaMantia, CEO of Authentic Web, and I’m joined by Sean, our CTO.
Sean, before we dive in, you’ve been the CTO for a multi‑billion‑dollar company managing its DNS and domain footprint. What do you think most people forget about when it comes to DNS and its risks?
Sean:
Honestly, Peter, I’ve spent my whole career dealing with these issues. In large companies—especially those that go through a lot of M&A activity—DNS management always turns into a sprawl. Too many people register domains, set up DNS providers, and create shadow systems.
I’ve tried solving this problem more than once, but it’s overwhelming. There are always too many systems and competing priorities. But with the current rise in ransomware and phishing, DNS simply can’t be ignored anymore.
That’s exactly why I joined Authentic Web—we’re solving a problem that keeps people up at night. Every large organization faces the same challenge, and they just can’t get it under control.
Peter:
Exactly. When we founded Authentic Web over a decade ago, our goal was simple—to make it easy for teams to manage domains and DNS. But a few years in, we realized something bigger: DNS security was the real problem.
People forget that everything digital is anchored on the DNS. If your DNS goes down or becomes compromised, nothing else works.
Why We Audited Healthcare
Peter:
Let’s walk through today’s agenda.
We’ll explain why we focused on healthcare, how DNS gets exploited, share the top DNS vulnerabilities, walk through key audit insights, and close with practical steps to strengthen your security posture.
First, let’s talk about why healthcare.
The healthcare sector has become the most attacked industry—35 percent of all cyberattacks now target healthcare, surpassing even finance and government. (Source: Black Kite.)
Why? Because healthcare data is extremely valuable, and most healthcare networks rely on legacy infrastructure.
Healthcare organizations are also subject to some of the strictest compliance frameworks—HIPAA, HITECH, SOC 2, NIST, ISO, and others. All of these require IT controls, change management, and auditability. And DNS falls directly under that umbrella.
If your DNS isn’t under governance, you’re not compliant.
Across these frameworks, five requirements are consistent:
- Access Controls – Who can make critical DNS changes?
- Audit Logging – Do you track every DNS edit?
- Change History – Are changes reviewed and approved?
- Vulnerability Monitoring – How are DNS exposures detected and remediated?
- Redundancy and Backup – Do you maintain secondary DNS and backups for disaster recovery?
These are table stakes for compliance, yet most organizations still miss them.
The Growing DNS Threat
Peter:
The scale and severity of DNS compromises continue to rise—DNS hijacks, orphaned IP takeovers, dangling CNAMEs, and insecure redirects.
The issue has become so pressing that both the U.S. Department of Homeland Security and the U.K. National Cyber Security Centre issued formal warnings urging enterprises to secure their DNS.
At the heart of this crisis is one thing—lack of ownership, governance, and visibility.
When you have multiple registrars and DNS providers, there’s no single pane of glass to see risk across systems. That’s a loophole attackers exploit.
These vulnerabilities can cause outages, brand impersonation, phishing, malware infections, credential theft, and direct data loss.
Why DNS Remains Exposed
Peter:
Here’s the reality. DNS and domains are public by design.
Attackers don’t need to breach your firewall—they can inspect your DNS the same way we can.
Inside enterprises, manual processes, disconnected ticketing systems, and shadow IT all create unseen gaps. A team may file a change request—but who verifies that the change is correct, properly encrypted, and compliant? Usually, no one.
Simply put, DNS exposure persists because it’s hard to manage and easy to ignore.
The Top DNS Vulnerabilities
Peter:
After years of helping clients migrate and manage DNS, we identified the most common—and most dangerous—exposures:
1. Insecure Redirects
Many domains still use HTTP‑only redirects. Those unencrypted hops enable session hijacking and SSL‑stripping attacks that can steal credentials or sensitive data.
2. Orphaned IP Addresses and Dangling CNAMEs
This “set‑it‑and‑forget‑it” habit has created one of the greatest ongoing risks. When cloud resources are decommissioned but DNS records remain, you have pointers to destinations you no longer control—pointers attackers can easily take over.
3. Lame Delegations
When a domain has no Start of Authority (SOA) record, anyone can add one and seize DNS control. This exposure is especially common with legacy name servers and shared environments.
4. Missing SPF and DMARC Coverage
Without SPF or DMARC on every domain—even those unused for email—criminals can send spoofed messages from your brand. Every domain should include SPF -all and DMARC p=reject as a baseline.
5. DNSSEC Gaps
DNSSEC protects against cache‑poisoning and other manipulations, but many enterprises have never deployed it, or they misconfigure key rollovers—causing outages if done manually. Automated management solves this, yet adoption remains low.
The Healthcare Audit
Sean:
To understand the state of healthcare DNS, we analyzed dozens of major organizations across North America using open‑source and commercial data feeds.
Our approach aggregated domains associated with each company using passive DNS data—the same way an attacker would gather intelligence.
Here’s what we found.
Infrastructure Overview
In healthcare, we saw companies using multiple registrars and DNS providers, exactly as expected. The sprawl is enormous.
HTTP/HTTPS Exposures
Nearly 89 percent of healthcare domains had configurations that didn’t resolve properly or pointed to possibly inactive systems. Many of these need review to remove abandoned entries.
Redirect Chains
We discovered numerous unencrypted steps in redirect paths—prime opportunities for man‑in‑the‑middle attacks.
CNAME Issues
Roughly 35 percent of organizations had dangling CNAMEs—aliases pointing to locations they no longer control. This is especially problematic because marketing and SaaS integrations constantly create and abandon these references.
Lame Delegations
Legacy domains without valid SOA records were widespread. Any adversary could create an SOA and hijack control.
SPF and DMARC
More than half of the domains surveyed lacked SPF or DMARC coverage. Another fraction had invalid syntax—the record existed but didn’t work. That means the company thought it was protected but wasn’t.
DNSSEC Adoption
Coverage was negligible across North American healthcare.
By contrast, European regions—especially Scandinavia—show much higher DNSSEC adoption due to stronger regulatory enforcement.
Key Takeaways
Sean:
Healthcare organizations face ransomware every day, and every event begins with reconnaissance of the DNS layer. They spend millions patching exploited systems but often fail to close these root‑cause DNS vulnerabilities—so attackers simply find new openings and return.
Peter:
Exactly. DNS is foundational. Yet IT and infosec teams are overextended. Reviewing thousands of zone records manually is exhausting and unclear. It raises endless questions: Should this record exist? Does it still resolve? Who controls it?
Without automation, DNS cleanup stalls, and the vulnerabilities keep compounding.
That’s why we built a system—to make it easier for teams to see, fix, and continuously verify DNS security.
The Path Forward
Peter:
If you want to improve DNS hygiene, start by conducting an audit. You must know your current posture. Once you see the problem, the fix is relatively simple.
Step 1: Centralize your domains and DNS under one control system with proper change management, logging, and visibility.
Step 2: Eliminate orphaned records, insecure redirects, and dangling CNAMEs.
Step 3: Implement SPF, DMARC, and DNSSEC company‑wide.
Step 4: Adopt ongoing automation for continuous monitoring.
Doing so will:
- Eliminate DNS vulnerabilities before they’re exploited
- Improve compliance with frameworks like HIPAA and SOC 2
- Simplify your IT workload through visibility and automation
- Lower costs by consolidating vendors and reducing firefighting time
Complimentary Audit Offer
Peter:
If you’re wondering, “What’s our DNS security posture?”—let’s find out together.
We’ll provide a complimentary external DNS audit for your organization—no strings attached.
Just email info@authenticweb.com with the subject line “DNS Audit”, and we’ll run the analysis.
We’ll walk through the results, help you interpret them, and show how they can support your 2025 security roadmap.
Q&A Highlights
Question: What do you need from us to run an audit?
Sean: Just permission to proceed. If we have even a few of your domains, we can build a full external picture. For best accuracy, you can also send your corporate domain list.
Question: How do you fix the issues once found?
Peter: DNS Inspector can be used alone or integrated with our Domain Name Asset Manager (DNAM) system, letting you edit live records, re‑audit, and verify fixes instantly.
Question: How do you get executive buy‑in for DNS projects?
Peter: Position it in financial terms—security risk, compliance liability, and cost savings. Modernizing DNS governance saves IT time, reduces vendor expense, and prevents costly breaches.
Closing
Peter:
I want to thank everyone for taking the time to join us.
We know schedules are busy, but I hope today highlighted just how critical DNS security has become.
Your DNS is a map of your digital infrastructure—it’s public, and attackers are already studying it.
Centralizing management, increasing visibility, and monitoring continuously will keep your organization, your customers, and your brand safe.
If you’d like that free audit, reach out—we’ll show you exactly where to start.
Thanks again, and have a great day.