DNS attacks are having significant impacts on many organizations
- Published: Tuesday, 26 October 2021 08:07
Domain name system (DNS) attacks are impacting organizations at ‘worrisome rates’, according to a new survey from the Neustar International Security Council (NISC). Conducted in September 2021, 72 percent of study participants reported experiencing a DNS attack within the last 12 months. Among those targeted, 61 percent have seen multiple attacks and 11 percent said they have been victimised regularly. While one-third of respondents recovered within minutes, 58 percent saw their businesses disrupted for more than an hour, and 14 percent took several hours to recover.
DNS attacks are nothing new, and they tend to fall further down the list of threat concerns. Ransomware, distributed denial-of-service (DDoS) and targeted hacking of accounts have rounded out the top three perceived threats by NISC survey respondents for the six months beginning March 2021. However, DNS attacks appear to be on a gradual upward trajectory. In its October 2020 survey, NISC found that 47 percent of respondents felt DNS compromise was an increasing threat; that number has risen slowly but steadily over the past year and now stands at 55 percent in the latest release.
According to the NISC survey, 92 percent of organizations report that their website is vital to business continuity and customer fulfilment at some level, with 16 percent entirely enabled by it. More than half of respondents (56 percent) consider their website as having a major role in day-to-day activity, while only 8 percent feel they would be able to conduct business without their website up and running. Despite the clear reliance on a functional website for business continuity, only three in ten (31 percent) survey participants were very confident in their preparedness to deal with a DNS attack that could take their website offline, and more than a quarter (27 percent) were not confident.
Cyber criminals appear to be maintaining a diversified approach to their attacks. Although no single vector stands out as a favoured method, the prevalence of several tactics gives organizations some insight to where they may need to turn their attention and fortify security protocols. For instance, nearly half of respondents (47 percent) experienced DNS hijacking and nearly the same proportion (46 percent) encountered DNS flood, reflection or amplification attacks that segued into DDoS, a chief security concern. Approximately one-third of participants fell victim to DNS tunnelling (35 percent) and to cache poisoning (33 percent).
“Organizations are challenged to keep pace with emerging security threats in an increasingly borderless digital landscape. Although some attack vectors may not be as visible or pose as imminent a threat as others, it is clear bad actors will exploit any vulnerability they can find sooner rather than later, and they will cost organizations valuable time, resources and business,” said Michael Kaczmarek, vice president of product management for Neustar Security Solutions. “To manage DNS security, organizations need to continuously analyse the DNS traffic leaving their organization, make sure they maintain good hygiene and access controls for DNS related accounts, and, most importantly, implement DNSSEC.”
The International Cyber Benchmarks Index is based on a bimonthly online survey of security professionals, conducted by Harris Interactive on behalf of NISC. Participants in the latest survey comprised 302 professionals from across six EMEA and US markets. All were in senior positions within their organizations and able to provide informed opinions about cyber security issues, including how these are impacting their enterprise and the wider business community.