"NSA: DNS-over-HTTPS Provides 'False Sense of Security'"

DNS-over-HTTPS (DoH) continues to grow in popularity among enterprises to improve privacy and integrity. The privacy protocol is supposed to help prevent eavesdropping and the manipulation of DNS traffic. However, the US National Security Agency (NSA) is warning enterprises of the false sense of security that the adoption of encrypted DNS services can give them. Encrypted DNS services are useful for home and mobile users and networks that do not use DNS controls, but the US security agency does not recommend the use of such services for most enterprises. The agency has pointed out that DoH can disrupt tools used to monitor DNS traffic for malicious or suspicious activity. The NSA also warns that DoH can be used to hide malware command-and-control (C&C) communications traffic. This article continues to discuss the concept and growing popularity of DoH and why the NSA urges most enterprises to avoid using DoH inside their networks. 

Infosecurity Magazine reports "NSA: DNS-over-HTTPS Provides 'False Sense of Security'"