According to a new survey from the Neustar International Security Council (NISC) conducted in September 2021, 72 per cent of study participants reported experiencing a DNS attack within the last 12 months. Among those targeted, 61 per cent have seen multiple attacks and 11 per cent said they have been victimised regularly. While one-third of respondents recovered within minutes, 58 per cent saw their businesses disrupted for more than an hour, and 14 per cent took several hours to recover.
DNS attacks are nothing new, and they tend to fall further down the list of threat concerns. Ransomware, distributed denial-of-service (DDoS) and targeted hacking of accounts have rounded out the top three perceived threats by NISC survey respondents for the six months beginning March 2021. However, DNS attacks appear to be on a gradual upward trajectory. In its October 2020 survey, NISC found that 47 per cent of respondents felt DNS compromise was an increasing threat; that number has risen slowly but steadily over the past year and now stands at 55 per cent in the latest release.
According to the NISC survey, 92 per cent of organisations report that their website is vital to business continuity and customer fulfilment at some level, with 16 per cent entirely enabled by it. More than half of respondents (56 per cent) consider their website as having a major role in day-to-day activity, while only 8 per cent feel they would be able to conduct business without their website up and running. Despite the clear reliance on a functional website for business continuity, only three in ten (31per cent) survey participants were very confident in their preparedness to deal with a DNS attack that could take their website offline, and more than a quarter (27 per cent) were not confident.
“Organisations are challenged to keep pace with emerging security threats in an increasingly borderless digital landscape. Although some attack vectors may not be as visible or pose as imminent a threat as others, it is clear bad actors will exploit any vulnerability they can find sooner rather than later, and they will cost organisations valuable time, resources and business,” said Michael Kaczmarek, vice president of product management for Neustar Security Solutions. “To manage DNS security, organisations need to continuously analyse the DNS traffic leaving their organisation, make sure they maintain good hygiene and access controls for DNS related accounts, and, most importantly, implement DNSSEC.”
Cyber criminals appear to be maintaining a diversified approach to their attacks. Although no single vector stands out as a favoured method, the prevalence of several tactics gives organisations some insight to where they may need to turn their attention and fortify security protocols. For instance, nearly half of respondents (47 per cent) experienced DNS hijacking and nearly the same proportion (46 per cent) encountered DNS flood, reflection or amplification attacks that segued into DDoS, a chief security concern. Approximately one-third of participants fell victim to DNS tunnelling (35 per cent) and to cache poisoning (33 per cent).
“DNS attacks may not grab headlines like a big DDoS or ransomware attack does, but the business impact cannot be ignored and their ability to be overlooked makes them that much more dangerous,” continued Kaczmarek. “The latest data indicates that organisations need to remain vigilant, close security gaps, and patrol for potential breaches around the clock.”
Share