The Internet of Things (IoT) is widely expected to make our society safer, smarter, and more sustainable. However, a key challenge remains, which is how to protect users and Internet infrastructure operators from attacks on or launched through vast numbers of autonomously operating sensors and actuators. In this paper, we discuss how the security extensions of the Domain Name System (DNS) offer an opportunity to help tackle that challenge, while also outlining the risks that the IoT poses to the DNS in terms of complex and quickly growing IoT-powered Distributed Denial of Service (DDoS) attacks. We identify three challenges for the DNS and IoT industries to seize these opportunities and address the risks, for example by making DNS security functions (e.g., response verification and encryption) available on popular IoT operating systems.