Partner Article

76% of organisations have suffered DNS attacks

Fifty-Two Percent of Affected Organisations Admit to Losing Business-Critical Data or Revenue Despite Citing the Safeguarding of Company Intellectual Property as a Major Concern

Seventy-six percent of organisations in the U.S. and U.K. have suffered a Domain Name System (DNS) attack, with 49 percent experiencing one in the past 12 months. The most common DNS threats reported were DDoS (74 percent), DNS exfiltration (46 percent), DNS tunnelling (45 percent) and DNS hijacking (33 percent) by those who had suffered an attack. That’s according to an independent research study undertaken by Vanson Bourne and commissioned by Cloudmark, Inc.

Three hundred IT decision makers were polled across the U.S. and U.K. and, of those who reported suffering a DNS attack, more than half admitted to losing business critical data or revenue. An astounding third of respondents also confirmed they had lost confidential customer information. Despite these serious business implications, 44 percent of those who found it difficult to justify DNS security investment to their company felt it was because their senior management do not see DNS security as an issue and are, in fact, considered barriers to investment. This is in spite of more than half of the IT decision makers polled (55 percent) citing the theft of private or confidential data as a major concern to their organisation.

“The survey findings suggest that large organisations are not only inadequately protecting company intellectual property against DNS attacks but more needs to be done to help educate businesses on the methods used by DNS attackers,” said Neil Cook, chief technology officer at Cloudmark.

“While DDoS threats continue to be a common method of attack to siphon off valuable resources, organisations need to review their security solutions to ensure they can protect against a multitude of other attacks including DNS exfiltration and DNS tunnelling, particularly in industries where high-value data is held, such as retail and financial industries. Once an organisation’s data is in the hands of cyber-criminals, the brand reputation, customers and ultimately revenue of that organisation can be severely affected.”

Additional findings from the research include:

Shockingly, in the U.S., 66 percent of respondents have experienced a DNS attack in the past 12 months. Of more concern, 23 percent of U.K. respondents admitted they did not know if their organisation had ever suffered a DNS attack. Retail, distribution and transport firms reported the highest instance of DNS attacks of all vertical industries polled, with 74 percent suffering from an attack in the past 12 months. The industry also revealed itself as the biggest victim of DNS exfiltration attacks (56 percent), with financial services organisations a close second (51 percent) of those who had been victim to an attack. Customer retention and brand reputation were the top concerns reported following a DNS attack.

For more information about the impact of DNS threats, please visit: https://www.cloudmark.com/en/register/whitepapers/infonetics-protecting-dns-infrastructure/direct/pdf

This was posted in Bdaily's Members' News section by Cloudmark .