Cyberattacks on the Domain Name System (DNS) servers have become one of the most significant threats to the digital ecosystem.
The dependency on DNS for various networked applications including email, web browsing, e-commerce, and internet telephony, has made organizations vulnerable to cyber attacks.
The recent 2020 Global DNS Threat Report by EfficientIP, in collaboration with IDC, sheds light on the occurrence of the different types of DNS attacks and the associated costs.
According to the report, nearly 79% of the surveyed organizations have experienced DNS attacks in 2020, with the average cost of each attack stood at around USD 924,000.
Organizations across all industries faced on average more than 9.5 attacks this year.
Changing threat landscape
The DNS threat report revealed a drastic change in the attack types ranging from volumetric to low signal. Cybercriminals have diversified their approach to include more stealth, low bandwidth tactics, such as phishing and malware-based attacks.
- Phishing Attacks – 39%
- Malware-based attacks – 34 %
- Traditional DDoS – 27 %
Moreover, the size of DDoS attacks is also rising, with almost 64% being over 5 Gbit/s.
Cloud Fuelling DNS Attacks
The adoption of cloud-based DNS has drastically disrupted the DNS landscape.
In recent years, there is a drastic shift from the traditional DNS to cloud-based DNS to enhance flexibility and improve DNS performance for a better user experience.
However, the new trend has introduced a host of DNS security threats including Distributed Denial-of-Service (DDoS) and Zero-day attacks.
With the sudden rise in the number of business-critical applications hosted in hybrid-cloud environments, cybercriminals are increasingly targeting the cloud.
The report revealed that the companies that experienced cloud service downtime increased to 50 % in 2020, from 41% in 2019, a sudden surge of nearly 22%.
Moreover, 82% of the companies experienced application downtime, whether in-house or in the cloud, significantly due to the DNS attacks.
According to the report, in-house app downtime remained extremely high at 62% in 2020 compared to 63% in 2019.
The increased dependency on cloud services during the ongoing coronavirus pandemic has made the cloud even more lucrative for cybercriminals.
North America Most Vulnerable to DNS Attacks
According to the report, North America continues to be the most exposed landscape to DNS attacks this year.
Based on the regional damage from DNS attacks, North America stands atop with the average cost of the attack at USD 1,073,000. However, the financial loss has decreased by about 1.36% from the last year.
Globally, the United States leads the way with the average cost of the attack at USD 1,082,710, down by nearly 4% from last year.
ALSO READ: Cyber Incident Management Solutions (IMS) in US
Growing Demand for DNS Security
The rise in DNS-based attacks such as DNS hijacking, DDoS, and DNS tunneling has fuelled the demand for DNS security solutions.
According to the report, 77% of the companies regarded DNS security as a critical component of their network architecture, compared to 64% in the last year.
Other developments include
- 31% rise in adopting Zero Trust strategies, up from 17% in 2019
- 55% rise in the use of predictive analytics, up from 45% in 2019
- 29% of companies used Security and Event Management (SIEM) software to detect compromised devices
- 33% of companies passed DNS information to SIEM for analysis, up from 22% in 2019
However, many organizations continue to fail when it comes to prioritizing DNS security. While DNS is imperative for business continuity, data privacy, and security, organizations think that securing DNS is only moderately important.
According to DNS Threat Report,
- 25% of companies do not perform analytics on their DNS traffic
- 35% do not make use of internal DNS traffic for filtering
- only 12% collect DNS logs and correlate through ML
In Conclusion
“The consequences of DNS attacks can be very damaging financially and can have a direct impact on business continuity. Ensuring DNS service availability and integrity must become a priority for any organization,” says Romain Fouchereau, Research Manager of European Security at IDC.
So, organizations need to acknowledge that the critical importance of DNS security is the first and foremost step in improving the cybersecurity posture.
How Can Stealthlabs Help?
StealthLabs is a US-based IT Security service and solutions provider with strong domain expertise. Our services include Compliance Advisory, Incident Management, IAM Solutions, and Managed IT Security.