DNS attacks on the rise finds 2021 Global DNS Threat Report

Published: Wednesday, 09 June 2021 07:12

EfficientIP has announced the results of its 2021 Global DNS Threat Report. The annual research, which was conducted in collaboration with IDC, sheds light on the frequency of the different types of DNS attack and the associated costs for the last year throughout the COVID-19 pandemic.

Globally, 87 percent of organizations surveyed experienced DNS attacks, with the average cost of each attack around £693,507 (€779,008). The Report shows that organizations across all industries suffered an average of 7.6 attacks this past year. These figures illustrate the pivotal role of DNS for network security, both as a threat vector and security objective. 

The 2021 DNS Threat Report found that, throughout the past year during the pandemic, attackers have increasingly targeted the cloud, profiting from the reliance on off-premise working and cloud infrastructures. Around a quarter of companies have suffered a DNS attack abusing cloud misconfiguration, with almost half of companies (47 percent) suffering cloud service downtime as a result of DNS attacks.

The Threat Report, now in its seventh year, also found a sharp rise in data theft via DNS, with 26 percent of organizations reporting having sensitive customer information stolen compared to 16 percent in 2020’s Threat Report. 

Evidence shows attackers are targeting more organizations and diversifying their toolkits. Threat actors relied on domain hijacking, where the user is connected not to the desired service but to a fake one, more than twice as often as last year. This year phishing also continued to grow in popularity (49 percent of companies experienced phishing attempts), as did malware-based attacks (38 percent), and traditional DDoS attacks (29 percent). 

Although the cost and variety of attacks remains high, there is a growing awareness of DNS security and how to combat these attacks.
76 percent of respondents in the 2021 Threat Report deemed DNS security a critical component of their network architecture. Additionally, the report found zero trust is evolving as a tool to protect networks in the remote era. 75 percent of companies are planning, implementing, or running zero trust initiatives and 43 percent of companies believe DNS domain deny and allow lists are highly valuable for improving control over access to apps. 

The DNS Threat Report finds solutions considered most effective by organizations for preventing theft includes: securing network endpoints (31 percent) and better monitoring threat and analysis of DNS traffic (26 percent).

The report suggests three recommendations for protecting data, apps, cloud services and users, including enhancing the privacy of remote workers with a private DoH solution, eliminating cloud service downtime caused by cloud misconfigurations through automating life-cycle management of IP resource, and making DNS the first line of defense / defence to stop the spread of attacks.

More details.