Governments Lose Millions to DNS Attacks Each Year
Global governments lose nearly $7 million on average from DNS attacks each year, the most of any sector, according to new research from EfficientIP.
The DNS security vendor commissioned IDC to poll nearly 1000 IT and security leaders from North America, Europe and Asia Pacific, to compile its IDC 2019 Global DNS Threat Report.
It revealed that public sector organizations around the world suffer on average 12 DNS attacks per year, costing over half a million dollars each, or $6.7 million in total.
Downtime and data theft appeared to account for the majority of DNS-related losses.
Over half (51%) of respondents reported in-house application becoming inaccessible as a result of DNS attacks in the past 12 months, while 43% faced cloud service downtime. A similar number (41%) suffered compromised websites which also put data at risk.
Nearly a fifth (19%) reported sensitive information or IP being stolen via DNS, by far the highest among all industries.
EfficientIP also claimed that over half of respondents (51%) were forced to shut down a server to stop an attack, pointing to poor levels of incident response and preparedness.
DNS traffic is used by hackers for a range of purposes: from C&C communications with infected corporate clients, to attempted redirection to phishing sites, and data exfiltration.
EfficientIP CEO, David Williamson, argued that as more government services move online it has expanded their DNS attack surface.
“When 91% of malware uses DNS, analysis of DNS transactions is vital for uncovering these dangerous threats hidden in network traffic. In particular, the detection of data exfiltration via DNS requires visibility and analytics on transactions from the client to the destination domain,” he added.
“Despite this, our latest research shows governments are significantly more exposed than other sectors to DNS attacks. This is unacceptable when governments are trusted with sensitive information by their citizens, so they need to understand the potential risks to protect both themselves and the public.”
As many as a third (32%) of government respondents said that DNS security is only low or moderately important.
Source: Information Security Magazine