DNS Attacks Grow More Frequent and Costly
Domain name server (DNS) attacks have grown in frequency and cost, according to multiple research reports published this week.
The Domain Fraud Threats Report from Proofpoint found that Chengdu West Dimension Digital, NameSilo, Public Domain Registry and GoDaddy are the top fraudulent domains. Of the millions of fraudulent domains registered, 1 in 4 have security certificates and more than 90% remain active on a live server. In addition, more than 15% have mail exchanger records.
“Fraudulent domains 'hide in plain sight' by using many of the same top-level domains (TLDs), registrars, and web servers as legitimate domains. For example, 52% of all new domain registrations in 2018 used the .com TLD. The TLD was similarly popular with fraudsters: nearly 40% of new fraudulent domain registrations used .com,” Proofpoint’s Ali Mesdaq wrote in a June 17 blog post.
While many organizations have faced a 34% increase in DNS attacks since 2018, more than 85% of top retail brands found domains selling counterfeit versions of their products and 63% of organizations suffered application downtime. The report also found that 45% of organizations had their websites compromised, and 27% experienced business downtime.
“One in five businesses lost over $1 million per attack and causing app downtime for 63% of those attacked,” a June 18 press release said. The study also highlighted the changing popularity of attack types, which reflect a shift from volumetric to low signal, including phishing, malware-based attacks and old-school distributed denial of service (DDoS).
“With an average cost of $1m per attack and a constant rise in frequency, organizations just cannot afford to ignore DNS security and need to implement it as an integral part of the strategic functional area of their security posture to protect their data and services,” said Romain Fouchereau, research manager European security at IDC.
Source: Information Security Magazine