Domain Name System Is a Target for Hackers

 
 
By Karen A. Frenkel  |  Posted 08-28-2017 Email
 
 
 
 
 
 
 
 
 
  • Previous
    Domain Name System Is a Target for Hackers
    Next

    Domain Name System Is a Target for Hackers

    Today's security solutions have not been designed to protect the Domain Name System (DNS) properly, resulting in data loss, downtime and brand damage.
  • Previous
    Security Not Good Enough
    Next

    Security Not Good Enough

    Today's security solutions have not been designed to protect the Domain Name System (DNS) properly, and 49% of businesses are not even aware of DNS-based malware.
  • Previous
    Growing Awareness
    Next

    Growing Awareness

    41% of businesses are aware of DNS DDoS attacks, up from 38% last year. 38% know about data exfiltration through DNS, up significantly from 24% in 2016. 26% are aware of DNS zero-day vulnerabilities, up from 24% last year.
  • Previous
    Volumetric Attacks
    Next

    Volumetric Attacks

    DNS DDoS attacks flood the network with vast amounts of traffic. Most DNS servers can handle 300,000 queries per second, but 88% of DNS DDoS attacks are more than 1 million QPS (1GB per second).
  • Previous
    Inadequate Patching
    Next

    Inadequate Patching

    Zero-Day attacks take advantage of DNS security holes for which no patch has been applied. Although 11 critical patches have been released under Bind technology in 2016, 83% of organizations have applied fewer than 7 patches.
  • Previous
    Data Exfiltration
    Next

    Data Exfiltration

    Firewalls, intrusion detection systems and secure web gateways do not perform complete DNS transaction analyses and are unable to detect exfiltrated data. This year, 28% of respondents who were attacked had sensitive data stolen.
  • Previous
    Cost of Attack
    Next

    Cost of Attack

    No sector is safe. Looking at the average cost of a single attack, the highest was for communications organizations ($622,000), followed by financial services ($588,000). The lowest was for healthcare organizations ($282,000).
  • Previous
    Time to Mitigate
    Next

    Time to Mitigate

    On average, it takes more than five hours to mitigate a DNS attack. 45% of respondents spent more than half a day resolving an attack.
  • Previous
    Damage from DNS Attacks in 2017 vs. 2016
    Next

    Damage from DNS Attacks in 2017 vs. 2016

    In-house app downtime: 37% in 2017 vs. 40% in 2016. Compromised website: 36% vs. 27%. Brand damage: 20% vs. 12.3%. Loss of business: 20% vs. 20.5%. Sensitive customer data stolen: 18% vs. 9.5%. Intellectual property stolen: 14% vs. 14.5%.
  • Previous
    Midsize Companies Hit Hardest
    Next

    Midsize Companies Hit Hardest

    Midsize organizations with 5,000 to 9,999 employees were most affected by DNS attacks. 34% reported costs between $0.5 million to $5 million.
  • Previous
    Small Firms Less Likely to Recover
    Next

    Small Firms Less Likely to Recover

    DNS attacks can cost a lot more for large organizations, but they usually recover, whereas smaller organizations find it much harder to recuperate financially.
 

The mission-critical Domain Name System (DNS) is increasingly a target of more creative cyber- attacks designed to cause downtime or damage, according to a new study. Attackers use the DNS to exfiltrate data or launch distributed-denial-of-service attacks, according to the 2017 "Global DNS Threat Survey," conducted by Coleman Parkes for EfficientIP. DDoS attacks are the second highest DNS-related attack type (32 percent) after malware (35 percent). In third place is Cache Poisoning (23 percent), followed by DNS Tunneling (22 percent) and Zero-Day exploits (19 percent). Yearly average costs of damages caused by DNS attacks are $2.2 million, and 76 percent of organizations have been victimized during the past 12 months (up 2 percent since last year), the report revealed. "Organizations must ensure they have the right solution in place to prevent business damage, such as a loss of sensitive information, downtime or compromised public image," said David Williamson, CEO of EfficientIP. The survey included 1,000 respondents, including 300 from North America, 400 from Europe and 300 from APAC. The survey's goal was to examine the technical and behavioral causes for the rise in DNS threats and the potential business effects, and to suggest straightforward, rapid remedies.

 
 
 
 
 
Karen A. Frenkel writes about technology and innovation and lives in New York City.

 
 
 
 
 
 

Submit a Comment

Loading Comments...
 
Manage your Newsletters: Login Register