HOW CAN
ORGANISATIONS
PREVENT DNS
ATTACKS?
E
fficientIP, a leading
specialist in DNS
security for service
continuity, user
protection and
data confidentiality,
has announced
the results of its 2019 Global DNS Threat
Report, sponsored research conducted
by market intelligence firm IDC.
Well-publicised cyberattacks such as
WannaCry and NotPetya caused financial
and reputational damage to organisations
across the world. The impact caused by
DNS-based attacks is as important due to
its mission-critical role.
Over the past year, organisations faced
on average more than nine DNS attacks,
an increase of 34%.
Costs too went up 49%, meaning one in
five businesses lost over US$1 million
per attack and causing app downtime for
63% of those attacked.
Other issues highlighted by the study,
now in its fifth year, include the broad
range and changing popularity of attack
types, ranging from volumetric to low
signal, including phishing, 47%, malware-
based attacks, 39%, and old-school
DDoS, 30%.
Also highlighted were the greater
consequences of not securing the
DNS network layer against all possible
attacks. No sector was spared, leaving
organisations open to a range of
advanced effects from compromised
brand reputation to losing business.
Romain Fouchereau, Research Manager
European Security at IDC, said: “With
www.intelligentciso.com
|
Issue 16
The top impacts of DNS attacks
– damaged reputation, business
continuity and finances
an average cost of US$1 million per
attack and a constant rise in frequency,
organisations just cannot afford to ignore
DNS security and need to implement
it as an integral part of the strategic
functional area of their security posture
to protect their data and services.”
DNS is a central network foundation
which enables users to reach all the
apps they use for their daily work.
Most network traffic first goes through
a DNS resolution process, whether
this is legitimate or malicious network
activity. Any impact on DNS performance
has major business implications.
Three-in-five, 63%, of organisations
suffered application downtime, 45%
had their websites compromised and
one-quarter, 27%, experienced business
downtime as a direct consequence.
These could all potentially lead to
serious NISD (Network and Information
Security Directive) penalties. In addition,
one-quarter, 26%, of businesses had lost
brand equity due to DNS attacks.
Data theft via DNS continues to be
a problem. To protect against this,
organisations are prioritising securing
network endpoints, 32%, and looking for
better DNS traffic monitoring, 29%.
27