EDITOR’S QUESTION
HOW CAN ORGANISATIONS
PREVENT DNS ATTACKS?
fficientIP, a leading
specialist in DNS security
for service continuity,
user protection and
data confidentiality,
has announced findings
from its 2019 Global DNS Threat Report,
sponsored research conducted by market
intelligence firm IDC.
E
Over the past year, organisations faced on
average more than nine DNS attacks, an
increase of 34%.
Costs too went up 49%, meaning one in
five businesses lost over US$1 million per
attack and causing app downtime for 63%
of those attacked. Other issues highlighted
by the study, now in its fifth year, include
the broad range and changing popularity
of attack types, ranging from volumetric
to low signal, including phishing, 47%,
malware-based attacks, 39%, and old-
school DDoS, 30%.
Also highlighted were the greater
consequences of not securing the
www.intelligentdatacentres.com
DNS network layer against all possible
attacks. No sector was spared, leaving
organisations open to a range of advanced
effects from compromised brand
reputation to losing business. and NotPetya caused financial and
reputational damage to organisations
across the world. The impact caused by
DNS-based attacks is as important due to
its mission-critical role.
Romain Fouchereau, Research Manager
European Security at IDC, said: “With an
average cost of US$1m per attack and a
constant rise in frequency, organisations
just cannot afford to ignore DNS security
and need to implement it as an integral
part of the strategic functional area of
their security posture to protect their data
and services.” The top impacts of DNS attacks
– damaged reputation, business
continuity and finances
DNS is a central network foundation which
enables users to reach all the apps they
use for their daily work. These could all potentially lead to serious
NISD (Network and Information Security
Directive) penalties. In addition, one-
quarter, 26%, of businesses had lost brand
equity due to DNS attacks.
Most network traffic first goes through a
DNS resolution process, whether this is
legitimate or malicious network activity.
Any impact on DNS performance has
major business implications. Well-
publicised cyberattacks such as WannaCry
Three-in-five, 63%, of organisations
suffered application downtime, 45%
had their websites compromised and
one-quarter, 27%, experienced business
downtime as a direct consequence.
Data theft via DNS continues to be
a problem. To protect against this,
organisations are prioritising securing
network endpoints, 32%, and looking for
better DNS traffic monitoring, 29%.
Issue 09
29