On January 22, the Department of Homeland Security (DHS) issued a directive to government agencies in response to breaches of the Domain Name System (DNS). The attackers used stolen credentials to alter DNS entries and steal certificates used for encryption and decryption.