IT disaster recovery, cloud computing and information security news

EfficientIP has revealed the European results of its 2018 DNS Threat Report. Research for the report explored the technical causes and responses towards DNS-based threats and their potential effects on businesses across the world. Globally, 77 percent of organizations faced DNS attacks in the past year with each attack costing European businesses an average of €734,000.

The consequences of not securing DNS increases the risk of data loss, service downtime, compliance failure or compromised public image.

Key findings from the report include:

DNS attacks cost European businesses the most

DNS is the gateway to every corporate network and malicious actors are targeting it as a way to steal sensitive information. The research shows the average cost per DNS attack for European organizations has risen by 43 percent over the past year to €734,000, much higher than their North American and Asia Pacific counterparts. French organizations had the highest cost per attack at €847,000 and the UK had highest cost increase at 105 percent to €684,000. German organizations have reduced the impact of DNS attacks over the last year, increasing only by 15 percent this year.

Attacks dent revenue, but cloud services are better protected

On average, European companies suffered the most data theft at 39 percent, higher than the global average at 33 percent. Nearly half of French organizations admitted to losing sensitive data (48 percent) and UK companies suffered the least in the region at 32 percent. A third of European organizations had their websites compromised, with nearly half (48 percent) of Spanish organizations admitted to website downtime. A quarter (25 percent) of French organizations suffered loss of business as a consequence of DNS attacks.

European organizations are more effective than their global peers at protecting their cloud services

On average, a third (34 percent) of European businesses suffered cloud downtime, lower than the global average at 40 percent. Within the region, France has the most cloud outages due to DNS attacks at 41 percent, whereas Germany was the lowest at 28 percent.

DNS-based malware most prevalent in Europe

The top five DNS-based attacks in Europe reflect the global top five, with DNS-based malware (39 percent) being the most popular attack faced in the region, followed by phishing at 34 percent, DNS DDoS attacks at 20 percent, DNS tunneling at 19 percent, domain lock-up at 18 percent. DNS-based malware were more prevalent than anywhere else in world, with Germany facing the most attacks at 44 percent. Spanish organizations faced more DNS tunneling attacks at 24 percent than their European peers.

European businesses underinvest in keeping data confidential

DNS is recognized as a prime target for data exfiltration. Protecting the DNS requires monitoring and analysis of traffic to identify threats once they enter the corporate network. Conventional end-point and firewall technologies primarily focus on protecting the perimeter of every corporate network, therefore they are redundant once the threat moves inside.

European companies prioritized investment in securing network endpoints (38 percent), the monitoring and analysis of DNS traffic at 36 percent, and followed by firewalls at 20 percent. It’s positive to see DNS investment move into the top three, but more can be done in this area, and it may be why European organizations had the most data stolen within the last year.

Report demographics

The report was conducted by Coleman Parkes from January to April 2018. The results are based on 1,000 respondents in three regions - 300 respondents in North America, 400 respondents in Europe and 300 respondents in Asia Pacific. Respondents included CISOs, CIOs, CTOs, IT Managers, Security Managers and Network Managers.

Want news and features emailed to you?

Signup to our free newsletters and never miss a story.

A website you can trust

The entire Continuity Central website is scanned daily by Sucuri to ensure that no malware exists within the site. This means that you can browse with complete confidence.

Business continuity?

Business continuity can be defined as 'the processes, procedures, decisions and activities to ensure that an organization can continue to function through an operational interruption'. Read more about the basics of business continuity here.

Get the latest news and information sent to you by email

Continuity Central provides a number of free newsletters which are distributed by email. To subscribe click here.