{"id":11983,"date":"2025-07-28T08:32:51","date_gmt":"2025-07-28T15:32:51","guid":{"rendered":"https:\/\/blogs.infoblox.com\/?p=11983"},"modified":"2025-07-28T08:32:51","modified_gmt":"2025-07-28T15:32:51","slug":"cisa-aa25-203a-spotlights-dns-as-a-preemptive-defense-against-ransomware","status":"publish","type":"post","link":"https:\/\/www.infoblox.com\/blog\/security\/cisa-aa25-203a-spotlights-dns-as-a-preemptive-defense-against-ransomware\/","title":{"rendered":"CISA AA25-203A Spotlights DNS as a Preemptive Defense against Ransomware"},"content":{"rendered":"<h3>Introduction<\/h3>\n<p>In its recent Advisory AA25\u2011203A, the Cybersecurity and Infrastructure Security Agency (CISA) reaffirms a powerful truth: Protective DNS (Domain Name System) remains one of the most effective defenses against ransomware.<\/p>\n<p>This is not speculation\u2014it is guidance grounded in proven reality. What makes Protective DNS especially compelling is that it builds on your existing infrastructure and is already recognized in the National Institute of Standards and Technology (NIST) Special Publication (SP)\u202f800\u201181 as a security best practice.<\/p>\n<h3>Why DNS Matters against Ransomware<\/h3>\n<p>Ransomware impacts start with malicious traffic\u2014whether it is phishing emails, command-and-control (C2) connections or data exfiltration channels. DNS sits at the heart of this traffic flow: it translates domain names into IPs, but also reveals where traffic is headed. <\/p>\n<p>CISA\u2019s AA25\u2011203A highlights that DNS offers the earliest interception point for ransomware\u2014blocking before a connection is even established. By filtering DNS queries before they resolve to malicious infrastructure\u2014be it known C2 domains, phishing sites or exfil servers\u2014organizations can stop threats before they initiate payload delivery.<\/p>\n<h3>CISA\u2019s Advisory AA25\u2011203A: DNS Takes Center Stage<\/h3>\n<p>In AA25\u2011203A, CISA reaffirms its ongoing <a href=\"https:\/\/www.cisa.gov\/sites\/default\/files\/2025-03\/StopRansomware-Guide%20508.pdf\" target=\"_blank\">Stop Ransomware campaign<\/a> and emphasizes core mitigations:<\/p>\n<ul class=\"list-spacing\">\n<li>Filtering network traffic to prevent access to suspicious or malicious domains<\/li>\n<li>Monitoring DNS resolution habits to detect anomalous or high-risk queries<\/li>\n<\/ul>\n<p>This transforms DNS from a passive service into a dynamic defense control\u2014stalling only the malicious activity without disrupting legitimate network operations.<\/p>\n<h3>DNS = Existing Infrastructure with Massive ROI<\/h3>\n<p>Most organizations already use DNS. There is no need for new hardware\u2014just smarter deployment. You are enhancing a core service by: <\/p>\n<ol class=\"list-spacing\">\n<li>Implementing filtering or sinkholing DNS requests to known malicious domains<\/li>\n<li>Aggregating query logs for visibility, incident response and threat hunting<\/li>\n<\/ol>\n<p>CISA\u2019s Protective DNS Resolver service is a federal example of this approach.<\/p>\n<h3>Backed by NIST SP\u202f800\u201181: Federal\u2011Grade Best Practice<\/h3>\n<p>Protective DNS is not just a CISA suggestion\u2014it is federally endorsed. NIST SP 800\u201181 (Secure DNS Deployment Guide) specifies how organizations should:<\/p>\n<ul class=\"list-spacing\">\n<li>Block malicious DNS queries.<\/li>\n<li>Monitor DNS usage patterns.<\/li>\n<li>Deploy DNSSEC.<\/li>\n<li>Use secure recursive resolvers.<\/li>\n<\/ul>\n<h3>Infoblox Threat Defense\u2122: Turning DNS into a Cybersecurity Control Point<\/h3>\n<p>Infoblox\u2019s Threat Defense solution is purpose-built to help organizations operationalize CISA\u2019s DNS-based ransomware mitigation guidance. It transforms DNS into an intelligent security control plane that:<\/p>\n<ul class=\"list-spacing\">\n<li>Blocks ransomware and malware communications using up-to-date threat intelligence<\/li>\n<li>Correlates DNS activity with endpoint behavior<\/li>\n<li>Feeds data into SIEM, SOAR and XDR platforms<\/li>\n<li>Delivers automation and response at scale<\/li>\n<\/ul>\n<h3>The Power of DNS-Based Threat Intelligence<\/h3>\n<p>Infoblox\u2019s Threat Intel analyzes global DNS activity and ransomware trends to:<\/p>\n<ul class=\"list-spacing\">\n<li>Identify newly registered and evasive domains.<\/li>\n<li>Track DNS tunneling and exfiltration tactics.<\/li>\n<li>Maintain dynamic threat feeds that block malicious lookups in real time.<\/li>\n<\/ul>\n<p>This intelligence ensures relevant and threat-informed DNS filtering<\/p>\n<h3>How to Build DNS\u2011Centric Ransomware Protection<\/h3>\n<ol class=\"list-spacing\">\n<li>Enable protective DNS filtering\u2014via solutions like Infoblox Threat Defense \u2013 to block initial compromise, C2 communication and DNS data exfiltration<\/li>\n<li>Log and analyze DNS queries.<\/li>\n<li>Adopt DNSSEC (DNS Security Extensions).<\/li>\n<li>Integrate DNS logs with SIEM tools.<\/li>\n<li>Stay current with threat intelligence feeds.<\/li>\n<\/ol>\n<h3>DNS: A Piece That Unlocks a Bigger Security Puzzle<\/h3>\n<p>Protective DNS acts as a frontline defender: thwarting ransomware before it crosses your network perimeter. It accelerates detection, simplifies threat hunting and reduces incident response time.<\/p>\n<h3>Final Word<\/h3>\n<p>CISA\u2019s AA25\u2011203A advisory is not reinventing the wheel\u2014it is shining a spotlight on a wheel you already have. With NIST SP 800\u201181 and Infoblox Threat Defense, Protective DNS becomes a cost-effective, intelligence-driven and strategically impactful security measure.<\/p>\n<p>You do not need to build from scratch\u2014just enhance what you already have. Let DNS do what it has always done\u2014but smarter, faster and with security in mind.<\/p>\n<style>\n.code-format {\n\tfont-family: 'Courier New';\n}\n.image-caption {\n    font-size: 12px;\n}\n.list-spacing li{margin-bottom:20px}\nol.list-spacing > li::marker {\n    font-weight: 700;\n}\n.entry-content ul.list-spacing ul > li {\n    list-style-type: square;\n}\n<\/style>\n<p><script>\njQuery('.single h1').html('CISA AA25-203A Spotlights DNS as a <span class=\"gradient\">Preemptive Defense against Ransomware<\/span>');\n<\/script><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Introduction In its recent Advisory AA25\u2011203A, the Cybersecurity and Infrastructure Security Agency (CISA) reaffirms a powerful truth: Protective DNS (Domain Name System) remains one of the most effective defenses against ransomware. This is not speculation\u2014it is guidance grounded in proven reality. What makes Protective DNS especially compelling is that it builds on your existing infrastructure [&hellip;]<\/p>\n","protected":false},"author":177,"featured_media":11984,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[2],"tags":[334,740,1274,288,69],"class_list":{"0":"post-11983","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-security","8":"tag-cisa","9":"tag-protective-dns","10":"tag-dns-threat-intel","11":"tag-ransomware","12":"tag-best-practices","13":"entry"},"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.3 (Yoast SEO v27.3) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>CISA AA25-203A Spotlights DNS as a Preemptive Defense against Ransomware<\/title>\n<meta name=\"description\" content=\"In its recent Advisory AA25\u2011203A, the Cybersecurity and Infrastructure Security Agency (CISA) reaffirms a powerful truth: Protective DNS (Domain Name System) remains one of the most effective defenses against ransomware.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.infoblox.com\/blog\/security\/cisa-aa25-203a-spotlights-dns-as-a-preemptive-defense-against-ransomware\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"CISA AA25-203A Spotlights DNS as a Preemptive Defense against Ransomware\" \/>\n<meta property=\"og:description\" content=\"In its recent Advisory AA25\u2011203A, the Cybersecurity and Infrastructure Security Agency (CISA) reaffirms a powerful truth: Protective DNS (Domain Name System) remains one of the most effective defenses against ransomware.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.infoblox.com\/blog\/security\/cisa-aa25-203a-spotlights-dns-as-a-preemptive-defense-against-ransomware\/\" \/>\n<meta property=\"og:site_name\" content=\"Infoblox Blog\" \/>\n<meta property=\"article:published_time\" content=\"2025-07-28T15:32:51+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/cisa-dns-ransomware-thumbnail.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"612\" \/>\n\t<meta property=\"og:image:height\" content=\"408\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Craig Sanderson\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:title\" content=\"CISA AA25-203A Spotlights DNS as a Preemptive Defense against Ransomware\" \/>\n<meta name=\"twitter:description\" content=\"In its recent Advisory AA25\u2011203A, the Cybersecurity and Infrastructure Security Agency (CISA) reaffirms a powerful truth: Protective DNS (Domain Name System) remains one of the most effective defenses against ransomware.\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/cisa-dns-ransomware-thumbnail.jpg\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Craig Sanderson\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/cisa-aa25-203a-spotlights-dns-as-a-preemptive-defense-against-ransomware\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/cisa-aa25-203a-spotlights-dns-as-a-preemptive-defense-against-ransomware\\\/\"},\"author\":{\"name\":\"Craig Sanderson\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/person\\\/01dc95aed5cb12cffacb64848b7f24ca\"},\"headline\":\"CISA AA25-203A Spotlights DNS as a Preemptive Defense against Ransomware\",\"datePublished\":\"2025-07-28T15:32:51+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/cisa-aa25-203a-spotlights-dns-as-a-preemptive-defense-against-ransomware\\\/\"},\"wordCount\":626,\"publisher\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/cisa-aa25-203a-spotlights-dns-as-a-preemptive-defense-against-ransomware\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/cisa-dns-ransomware-thumbnail.jpg\",\"keywords\":[\"CISA\",\"Protective DNS\",\"DNS Threat Intel\",\"Ransomware\",\"Best practices\"],\"articleSection\":[\"Security\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/cisa-aa25-203a-spotlights-dns-as-a-preemptive-defense-against-ransomware\\\/\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/cisa-aa25-203a-spotlights-dns-as-a-preemptive-defense-against-ransomware\\\/\",\"name\":\"CISA AA25-203A Spotlights DNS as a Preemptive Defense against Ransomware\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/cisa-aa25-203a-spotlights-dns-as-a-preemptive-defense-against-ransomware\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/cisa-aa25-203a-spotlights-dns-as-a-preemptive-defense-against-ransomware\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/cisa-dns-ransomware-thumbnail.jpg\",\"datePublished\":\"2025-07-28T15:32:51+00:00\",\"description\":\"In its recent Advisory AA25\u2011203A, the Cybersecurity and Infrastructure Security Agency (CISA) reaffirms a powerful truth: Protective DNS (Domain Name System) remains one of the most effective defenses against ransomware.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/cisa-aa25-203a-spotlights-dns-as-a-preemptive-defense-against-ransomware\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/cisa-aa25-203a-spotlights-dns-as-a-preemptive-defense-against-ransomware\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/cisa-aa25-203a-spotlights-dns-as-a-preemptive-defense-against-ransomware\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/cisa-dns-ransomware-thumbnail.jpg\",\"contentUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/cisa-dns-ransomware-thumbnail.jpg\",\"width\":612,\"height\":408},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/cisa-aa25-203a-spotlights-dns-as-a-preemptive-defense-against-ransomware\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Security\",\"item\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/category\\\/security\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"CISA AA25-203A Spotlights DNS as a Preemptive Defense against Ransomware\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\",\"name\":\"infoblox.com\\\/blog\\\/\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\",\"name\":\"Infoblox\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-logo-2.svg\",\"contentUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-logo-2.svg\",\"width\":137,\"height\":30,\"caption\":\"Infoblox\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/person\\\/01dc95aed5cb12cffacb64848b7f24ca\",\"name\":\"Craig Sanderson\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/live-infoblox-blog.pantheonsite.io\\\/wp-content\\\/uploads\\\/avatar_user_177_1571767316-96x96.jpg\",\"url\":\"https:\\\/\\\/live-infoblox-blog.pantheonsite.io\\\/wp-content\\\/uploads\\\/avatar_user_177_1571767316-96x96.jpg\",\"contentUrl\":\"https:\\\/\\\/live-infoblox-blog.pantheonsite.io\\\/wp-content\\\/uploads\\\/avatar_user_177_1571767316-96x96.jpg\",\"caption\":\"Craig Sanderson\"},\"description\":\"Craig Sanderson is the Principal Cyber Security Strategist at Infoblox. Craig has over 25 years of experience in the CyberSecurity industry with a broad array of roles ranging from consultancy, security architecture, business development and product management. Over the last seven years, Craig has been responsible for creating the vision, strategy and delivered the execution of the Infoblox BloxOne Threat Defense solution. He continues to be passionate about the role that DNS can play in delivering world class cyber security with a particular emphasis on how DNS can become the foundation for national and governmental Protective DNS solutions\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/author\\\/craig-sanderson\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"CISA AA25-203A Spotlights DNS as a Preemptive Defense against Ransomware","description":"In its recent Advisory AA25\u2011203A, the Cybersecurity and Infrastructure Security Agency (CISA) reaffirms a powerful truth: Protective DNS (Domain Name System) remains one of the most effective defenses against ransomware.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.infoblox.com\/blog\/security\/cisa-aa25-203a-spotlights-dns-as-a-preemptive-defense-against-ransomware\/","og_locale":"en_US","og_type":"article","og_title":"CISA AA25-203A Spotlights DNS as a Preemptive Defense against Ransomware","og_description":"In its recent Advisory AA25\u2011203A, the Cybersecurity and Infrastructure Security Agency (CISA) reaffirms a powerful truth: Protective DNS (Domain Name System) remains one of the most effective defenses against ransomware.","og_url":"https:\/\/www.infoblox.com\/blog\/security\/cisa-aa25-203a-spotlights-dns-as-a-preemptive-defense-against-ransomware\/","og_site_name":"Infoblox Blog","article_published_time":"2025-07-28T15:32:51+00:00","og_image":[{"width":612,"height":408,"url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/cisa-dns-ransomware-thumbnail.jpg","type":"image\/jpeg"}],"author":"Craig Sanderson","twitter_card":"summary_large_image","twitter_title":"CISA AA25-203A Spotlights DNS as a Preemptive Defense against Ransomware","twitter_description":"In its recent Advisory AA25\u2011203A, the Cybersecurity and Infrastructure Security Agency (CISA) reaffirms a powerful truth: Protective DNS (Domain Name System) remains one of the most effective defenses against ransomware.","twitter_image":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/cisa-dns-ransomware-thumbnail.jpg","twitter_misc":{"Written by":"Craig Sanderson","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.infoblox.com\/blog\/security\/cisa-aa25-203a-spotlights-dns-as-a-preemptive-defense-against-ransomware\/#article","isPartOf":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/cisa-aa25-203a-spotlights-dns-as-a-preemptive-defense-against-ransomware\/"},"author":{"name":"Craig Sanderson","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/person\/01dc95aed5cb12cffacb64848b7f24ca"},"headline":"CISA AA25-203A Spotlights DNS as a Preemptive Defense against Ransomware","datePublished":"2025-07-28T15:32:51+00:00","mainEntityOfPage":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/cisa-aa25-203a-spotlights-dns-as-a-preemptive-defense-against-ransomware\/"},"wordCount":626,"publisher":{"@id":"https:\/\/www.infoblox.com\/blog\/#organization"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/cisa-aa25-203a-spotlights-dns-as-a-preemptive-defense-against-ransomware\/#primaryimage"},"thumbnailUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/cisa-dns-ransomware-thumbnail.jpg","keywords":["CISA","Protective DNS","DNS Threat Intel","Ransomware","Best practices"],"articleSection":["Security"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.infoblox.com\/blog\/security\/cisa-aa25-203a-spotlights-dns-as-a-preemptive-defense-against-ransomware\/","url":"https:\/\/www.infoblox.com\/blog\/security\/cisa-aa25-203a-spotlights-dns-as-a-preemptive-defense-against-ransomware\/","name":"CISA AA25-203A Spotlights DNS as a Preemptive Defense against Ransomware","isPartOf":{"@id":"https:\/\/www.infoblox.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/cisa-aa25-203a-spotlights-dns-as-a-preemptive-defense-against-ransomware\/#primaryimage"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/cisa-aa25-203a-spotlights-dns-as-a-preemptive-defense-against-ransomware\/#primaryimage"},"thumbnailUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/cisa-dns-ransomware-thumbnail.jpg","datePublished":"2025-07-28T15:32:51+00:00","description":"In its recent Advisory AA25\u2011203A, the Cybersecurity and Infrastructure Security Agency (CISA) reaffirms a powerful truth: Protective DNS (Domain Name System) remains one of the most effective defenses against ransomware.","breadcrumb":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/cisa-aa25-203a-spotlights-dns-as-a-preemptive-defense-against-ransomware\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.infoblox.com\/blog\/security\/cisa-aa25-203a-spotlights-dns-as-a-preemptive-defense-against-ransomware\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.infoblox.com\/blog\/security\/cisa-aa25-203a-spotlights-dns-as-a-preemptive-defense-against-ransomware\/#primaryimage","url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/cisa-dns-ransomware-thumbnail.jpg","contentUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/cisa-dns-ransomware-thumbnail.jpg","width":612,"height":408},{"@type":"BreadcrumbList","@id":"https:\/\/www.infoblox.com\/blog\/security\/cisa-aa25-203a-spotlights-dns-as-a-preemptive-defense-against-ransomware\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.infoblox.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Security","item":"https:\/\/www.infoblox.com\/blog\/category\/security\/"},{"@type":"ListItem","position":3,"name":"CISA AA25-203A Spotlights DNS as a Preemptive Defense against Ransomware"}]},{"@type":"WebSite","@id":"https:\/\/www.infoblox.com\/blog\/#website","url":"https:\/\/www.infoblox.com\/blog\/","name":"infoblox.com\/blog\/","description":"","publisher":{"@id":"https:\/\/www.infoblox.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.infoblox.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.infoblox.com\/blog\/#organization","name":"Infoblox","url":"https:\/\/www.infoblox.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-logo-2.svg","contentUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-logo-2.svg","width":137,"height":30,"caption":"Infoblox"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/person\/01dc95aed5cb12cffacb64848b7f24ca","name":"Craig Sanderson","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/live-infoblox-blog.pantheonsite.io\/wp-content\/uploads\/avatar_user_177_1571767316-96x96.jpg","url":"https:\/\/live-infoblox-blog.pantheonsite.io\/wp-content\/uploads\/avatar_user_177_1571767316-96x96.jpg","contentUrl":"https:\/\/live-infoblox-blog.pantheonsite.io\/wp-content\/uploads\/avatar_user_177_1571767316-96x96.jpg","caption":"Craig Sanderson"},"description":"Craig Sanderson is the Principal Cyber Security Strategist at Infoblox. Craig has over 25 years of experience in the CyberSecurity industry with a broad array of roles ranging from consultancy, security architecture, business development and product management. Over the last seven years, Craig has been responsible for creating the vision, strategy and delivered the execution of the Infoblox BloxOne Threat Defense solution. He continues to be passionate about the role that DNS can play in delivering world class cyber security with a particular emphasis on how DNS can become the foundation for national and governmental Protective DNS solutions","url":"https:\/\/www.infoblox.com\/blog\/author\/craig-sanderson\/"}]}},"_links":{"self":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/11983","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/users\/177"}],"replies":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/comments?post=11983"}],"version-history":[{"count":2,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/11983\/revisions"}],"predecessor-version":[{"id":11986,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/11983\/revisions\/11986"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/media\/11984"}],"wp:attachment":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/media?parent=11983"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/categories?post=11983"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/tags?post=11983"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}