Here is a summary of the CISA alert about Fast Flux as a national security threat:
CISA, together with the NSA, FBI, ASD’s ACSC (Australia), CCCS (Canada), and NCSC-NZ (New Zealand), released a joint Cybersecurity Advisory warning about the ongoing threat of fast flux-enabled malicious activities.
“Fast flux” is a technique that uses rapidly changing DNS records for a single domain name to hide the true location of malicious servers, making detection and blocking difficult.
This technique exploits common gaps in network defenses.
The agencies recommend a multi-layered approach to detecting and mitigating fast flux threats.
Service providers, particularly Protective DNS (PDNS) providers, should track, share information about, and block fast flux as part of their services.
Government and critical infrastructure organizations are urged to use cybersecurity and PDNS services that block these activities to close existing defense gaps.
More information is available in the referenced advisory PDF and resources on selecting a protective DNS service.
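As an added illustration of the detection side (not code from the advisory or the agencies), the sketch below scans resolver logs for the pattern described above: one domain name whose answers rotate through many addresses with short TTLs. The log format, the sample lines, the function names, and every threshold are assumptions made for this example.

```python
from collections import defaultdict
from ipaddress import ip_address
from statistics import median

# Constructed resolver log lines: epoch_seconds domain ttl answer_ip
SAMPLE_LOG = """\
1700000000 flux.example 60 198.51.100.10
1700000120 flux.example 60 203.0.113.77
1700000240 flux.example 30 192.0.2.45
1700000360 flux.example 60 198.18.4.9
1700000480 flux.example 45 100.64.12.3
1700000600 flux.example 60 203.0.113.150
1700000000 static.example 3600 192.0.2.10
1700001800 static.example 3600 192.0.2.10
1700000000 lb.example 60 192.0.2.20
1700000300 lb.example 60 192.0.2.21
not a valid line
"""

def parse(log_text):
    """Yield (ts, domain, ttl, ip) tuples, skipping malformed lines."""
    for line in log_text.splitlines():
        parts = line.split()
        try:
            ts, domain, ttl, ip = parts
            yield int(ts), domain.lower().rstrip("."), int(ttl), ip_address(ip)
        except ValueError:  # wrong field count, bad number, or bad address
            continue

def net_key(ip):
    """Coarse network bucket: /16 for IPv4, /32 for IPv6 (assumed granularity)."""
    return ip.version, int(ip) >> (16 if ip.version == 4 else 96)

def flux_candidates(log_text, window_s=3600, min_ips=5, min_nets=3, max_ttl=300):
    """Return {domain: stats} for domains whose A/AAAA answers churn quickly.
    Thresholds are illustrative assumptions, not values from the advisory."""
    by_domain = defaultdict(list)
    for rec in parse(log_text):
        by_domain[rec[1]].append(rec)
    hits = {}
    for domain, recs in by_domain.items():
        recs.sort(key=lambda r: r[0])
        for i, first in enumerate(recs):  # slide a window from each record
            win = [r for r in recs[i:] if r[0] - first[0] < window_s]
            ips = {r[3] for r in win}
            nets = {net_key(ip) for ip in ips}
            ttl = median(r[2] for r in win)
            if len(ips) >= min_ips and len(nets) >= min_nets and ttl <= max_ttl:
                hits[domain] = {"distinct_ips": len(ips), "distinct_nets": len(nets), "median_ttl": ttl}
                break
    return hits
```

Content delivery networks and load balancers also rotate addresses with short TTLs, so a hit is a lead to check against an allowlist of known services, not a verdict.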