DNS Attacks Ravage Three-Quarters of US/UK Firms

Half of UK and US firms have suffered some form of DNS-related attack in the past year, leading to data loss and business downtime, according to new research from Cloudmark.

The security vendor interviewed 300 IT leaders across the two countries and found that 76% said they’d suffered a DNS attack at some point in the past, with DDoS (74%), DNS exfiltration (46%), DNS tunnelling (45%) and DNS hijacking (33%) the most common.   

Over half said they lost “business critical data” or revenue while a third said sensitive customer information was lost in the attack.

Customer retention and brand reputation were touted as the biggest concerns following an attack, but worryingly in the UK, almost a quarter of respondents (23%) said they didn’t know if their organization had ever suffered an attack.

Cloudmark CTO, Neil Cook, argued that DNS attacks need to be combatted in the same way as email and web-based threats.

“Basic and even next-generation firewalls are not enough to deal with these application-level security threats, thus email security gateways and web content-filtering/AV filtering solutions have been developed by vendors and deployed by most enterprises,” he told Infosecurity.

“The latest example of refinements to these security components are solutions to detect APTs in email and web traffic, for example. Similarly for DNS, what is required is for enterprises to start deploying dedicated, application-level security solutions for DNS.”

There have been industry efforts to combat some of the inherent security issues in the DNS, such as the roll-out of DNSSEC to address cache poisoning, he added.

“However standards don’t solve all problems, and we fully expect that a DNS security solution will be the norm for most enterprises and service providers within the next few years, which will help make DNS a much more secure infrastructure in the future,” said Cook

What’s Hot on Infosecurity Magazine?