Too bad awareness did not equate to proactiveness, a yearly global study shows.
In 2019, the average incidence of Domain Name System attacks on businesses worldwide averaged 9.5 (up from 9.45 the previous year) attacks, carrying a mean cost of US$942,000. This raised awareness of the impact of such attacks to 64% from previous years.
This year, the same study indicates that awareness has jumped to 77%, largely attributed to an increased appreciation of DNS’s critical role in the user-to-app journey as more businesses migrate apps and services to the Cloud amid the coronavirus pandemic.
In the latest survey commissioned by EfficientIP, a greater proportion of the respondents cited that DNS attacks could cause increased damage in six areas they were asked about (2019 vs 2020):
- In-house application downtime: 63% in 2020 vs 62% in 2019
- Cloud Service downtime: 50% vs 41%
- Website compromise: 46% vs 45%
- Brand damage: 29% vs 26%
- Loss of clients and business: 29% vs 27%
- Theft of sensitive data: 16% vs 13%
The survey in early 2020 covered 900 organizations (minimum of 500 employees) spread across the globe. Computer-assisted Web Interviewing (CAWI) and Computer-assisted Telephone Interviewing (CATI) were used to complete the surveys of IT decision makers or security experts. Within the 900 responding organizations, five business-size segments and nine countries across Europe, Asia and North America were included.
The DNS attack landscape
In order of most common to least common, the percentages of the most frequent DNS breaches reported in early 2020 were:
- DNS phishing: 39%
- DNS-based malware: 34%
- Distributed Denial of Service (DDoS) attacks: 27%
- DNS amplification: 21%
- False-positive triggering: 19%
- DNS tunneling: 17%
The following 10 industries cited the biggest impact felt from lapses in DNS security:
- Manufacturing took the longest of all respondent industries to mitigate the attacks— almost seven hours—which affected physical safety and machinery uptime.
- Business Services had the highest cloud service downtime, at 65%, which had an impact on business continuity and customer experience.
- Financial Services had the highest cost per attack, at US$1.275m, indicating that cybercriminals used malware and other nefarious methods to attack high-value targets.
- Retail had the most (43%) compromised websites, which can drastically affect revenue.
- Telecoms and Media were the most targeted industry overall, with an average of 11.4 attacks and 8% of security breaches costing in excess of US$5m each.
- Healthcare experienced the most shutdowns on affected connections and processes (55%) which carried huge potential dangers for patient care.
- Education suffered the highest rate of IP or customer information being stolen (21%), leading to the loss of considerable amounts of personal data.
- Governments had the highest incidence of cloud misconfiguration abuse, at 22%, which could put nations at risk.
- Transportation showed the highest rate of in-house app downtime (67%) which could have a critical effect on infrastructure.
- Utilities were most affected by DNS malware (30%) which could lead to environmental and social damage and upheaval.
Overall DNS attacks can lead to the redirection of traffic to fake websites, the exposure of confidential company files or individuals’ personal details, and the slowing of loading time and functionality of a site. While other studies suggest 50% of companies feel unequipped for cyberattacks in general, the current findings by EfficientIP show that this number may be higher, especially in regard to DNS—but that there are steps that can be taken to increase DNS protection.
Some protection is not enough
Around 98% of the 900 companies questioned do have some form of DNS security in place, but their responses indicate that the protection measures are not yet mature.
For example, just 25% of DNS attacks were mitigated using auto-remediation, and 25% (down from 30% in 2019) did not perform DNS traffic analytics. This resulted in systems receiving huge volumes of false alarms, creating breach fatigue. With the application of AI and machine learning, the traffic could be pared down and streamlined.
In the area of data privacy management, protecting individuals’ data rights, while an added cost burden, can be leveraged to improve business growth and brand reputation, the report shows. However, even as new regulations are being introduced and adopted, data privacy systems (including Asia’s privacy framework) remained fragmented.
At an individual level, companies are recognizing the importance of putting their own security measures in place, and survey results have indicated that DNS monitoring and analysis is now seen as the most effective method of preserving data confidentiality.
On the whole, the research shows an increased understanding of how crucial DNS security is, but businesses are predominantly engaged in reactive rather than preventative strategies to deal with the issue. The progress is good, but there is room for further and faster tightening, for example, through user behavior analytics and security-by-design frameworks.