Incident Score: Analysis & Impact (INT1769088576)

In this Rankiteo incident briefing, we review the Internet Systems Consortium breach identified under incident ID INT1769088576.

The analysis begins with a detailed overview of Internet Systems Consortium's information like the linkedin page: https://www.linkedin.com/company/internet-systems-consortium, the number of followers: 2641, the industry type: Technology, Information and Internet and the number of employees: 45 employees

After the initial compromise, the video explains how Rankiteo's incident engine converts technical details into a normalized incident score. The incident score before the incident was 766 and after the incident was 744 with a difference of -22 which is could be a good indicator of the severity and impact of the incident.

In the next step of the video, we will analyze in more details the incident and the impact it had on Internet Systems Consortium and their customers.

On 21 January 2026, Internet Systems Consortium (ISC) disclosed Denial-of-Service (DoS) issues under the banner "Critical BIND 9 Vulnerability (CVE-2025-13878) Enables Remote DNS Server Crashes".

The Internet Systems Consortium (ISC) has disclosed a high-severity vulnerability in BIND 9, tracked as CVE-2025-13878, that allows remote attackers to crash DNS servers by sending malformed BRID (Boundary Router Identifier) and HHIT (Host Identity Tag) records.

The disruption is felt across the environment, affecting DNS servers (authoritative and recursive resolvers).

In response, moved swiftly to contain the threat with measures like Upgrade to patched versions (9.18.44, 9.20.18, 9.21.17, 9.18.44-S1, 9.20.18-S1), and began remediation that includes Apply patches for affected BIND 9 versions.

The case underscores how and recommending next steps like Upgrade affected BIND 9 DNS servers to the latest patched versions immediately. No workarounds exist for this vulnerability.

Finally, we try to match the incident with the MITRE ATT&CK framework to see if there is any correlation between the incident and the MITRE ATT&CK framework.

The MITRE ATT&CK framework is a knowledge base of techniques and sub-techniques that are used to describe the tactics and procedures of cyber adversaries. It is a powerful tool for understanding the threat landscape and for developing effective defense strategies.