DNS Security Remains Poorly Understood


Three-quarters of CSOs and network directors (74%) have been victims of DNS attacks, and no wonder: Many don’t employ any kind of DNS security.

A study by EfficientIP discovered that only 59% were using any form of DNS security. This is concerning given that the most common attack types are also the main causes of business outages and data theft.

The three DNS attacks with the largest impact on an organization are:

DDoS attacks: 22% of the companies surveyed had been subject to DNS-based DDoS attacks in the last year.

Data exfiltration: 12% of organizations in North America and 39% in Asia have had data exfiltrated via DNS in the last year.

Zero-day vulnerabilities: Almost 20% of the businesses surveyed had suffered an attack using DNS zero-day vulnerabilities in the last year.

The report also found that 79% of respondents claim to be aware of the risks associated with DNS. Yet, only 23% of those surveyed recognized zero-day attacks or DNS tunneling as risks, only 29% are aware of cache poisoning, and only 30% are aware of DDoS attacks.

“The report has highlighted that despite the massive increase in cyber-attacks, companies and their IT departments still don’t fully appreciate the risks from DNS-based attacks,” said David Williamson, CEO at EfficientIP. “In just under two years GDPR will come into effect and companies will be held responsible for all security breaches and could face major fines. It’s crucial for all businesses to start taking DNS security seriously.”

As for the measures being taken to combat DNS issues, most businesses still rely on the ‘out-of-the-box’ non-secure DNS servers offered by Microsoft or by Linux server companies. IDC pointed out that while firewalls can protect on a basic level, they’re not designed to deal with high-bandwidth DDoS attacks (the majority of DDoS attacks are now over 1 Gbps) or to detect DNS tunneling attempts.

Photo © Paul Fleet
