Domain Name System Is a Target for Hackers
Today’s security solutions have not been designed to protect the Domain Name System (DNS) properly, resulting in data loss, downtime and brand damage.
Today’s security solutions have not been designed to protect the Domain Name System (DNS) properly, and 49% of businesses are not even aware of DNS-based malware.
41% of businesses are aware of DNS DDoS attacks, up from 38% last year.
38% know about data exfiltration through DNS, up significantly from 24% in 2016.
26% are aware of DNS zero-day vulnerabilities, up from 24% last year.
DNS DDoS attacks flood the network with vast amounts of traffic. Most DNS servers can handle 300,000 queries per second, but 88% of DNS DDoS attacks are more than 1 million QPS (1GB per second).
Zero-Day attacks take advantage of DNS security holes for which no patch has been applied. Although 11 critical patches have been released under Bind technology in 2016, 83% of organizations have applied fewer than 7 patches.
Firewalls, intrusion detection systems and secure web gateways do not perform complete DNS transaction analyses and are unable to detect exfiltrated data. This year, 28% of respondents who were attacked had sensitive data stolen.
No sector is safe. Looking at the average cost of a single attack, the highest was for communications organizations ($622,000), followed by financial services ($588,000). The lowest was for healthcare organizations ($282,000).
On average, it takes more than five hours to mitigate a DNS attack. 45% of respondents spent more than half a day resolving an attack.
In-house app downtime: 37% in 2017 vs. 40% in 2016.
Compromised website: 36% vs. 27%.
Brand damage: 20% vs. 12.3%.
Loss of business: 20% vs. 20.5%.
Sensitive customer data stolen: 18% vs. 9.5%.
Intellectual property stolen: 14% vs. 14.5%.
Midsize organizations with 5,000 to 9,999 employees were most affected by DNS attacks. 34% reported costs between $0.5 million to $5 million.
DNS attacks can cost a lot more for large organizations, but they usually recover, whereas smaller organizations find it much harder to recuperate financially.