LONDON--(BUSINESS WIRE)--The 2020 Global DNS Threat Report, published by IDC and sponsored by EfficientIP, shows that over three quarters of government organizations (78%) have been victims of DNS attacks within the last 12 months. The cost of each attack has increased by more than 14% to an average of $636,130, with one in five of the government sectors surveyed experiencing more than 10 attacks a year.
The Threat Report demonstrates that, on average, government organizations are more vulnerable to certain DNS attack types than companies in other sectors. For instance, 42% of government organizations experienced DNS-based malware (compared to an average of 34%). 24% experienced lock-up domain attacks (compared to an average of 18%).
Almost one-third of the government agencies surveyed stated that they had experienced a Distributed Denial of Service (DDoS) attack, which can cause widespread disruption of local and central government’s network traffic as well as significant website and application downtime. Government organizations also had the highest cloud instance misconfiguration abuse at 22%.
Like many industries, government sectors suffer significant consequences from DNS attacks. These have resulted in reputational damage and loss of business more than any other sector surveyed. Government organizations are particularly vulnerable to in-house application downtime, with almost two-thirds (62%) reporting this. Half of the organizations surveyed also experienced compromised websites and cloud service downtime due to the attacks. These organizations are more vulnerable because threat actors can steal large amounts of highly personal information through DNS breaches. Exfiltration of data via DNS is very common, and nearly always goes unnoticed by firewalls as they are incapable of performing the necessary context-aware analysis of traffic.
“Attacks on government put entire nations at risk, not just individual institutions,” says Ronan David, Vice President of Strategy at EfficientIP. “A successful DNS attack can result in anything from significant financial losses for public services to putting an entire country’s data at risk of theft or distribution to a third party. Attacks can also decrease trust in government bodies at a time when a general trust in data handling is more important than ever.”
To mitigate these threats, the respondents in the survey rely on several methods. Government organizations are the most likely sector to attempt to throttle or block DDoS traffic at the network level. 53% of the government organizations surveyed temporarily shut down specific affected processes and connections, and 47% disabled some or all of the affected applications. A smarter approach would be to use purpose-built DNS security incorporating auto-remediation capability. On average, it took government institutions almost 5 hours to mitigate an attack—a long time for government workers and staff attempting to access vital apps and services.
This is why DNS security is particularly vital for government institutions. “There are critical points in time--such as elections or in a global disaster like a pandemic--when government takes center stage,” David says. “During these times, governments become even more at risk from cyberattacks. They need to make sure they're doing everything they can to protect themselves--and DNS can really help with that.”
Governments are utilizing DNS to some degree in shoring up security, though there is room for growth. Currently 25% of government institutions surveyed see analysis and monitoring of DNS traffic as a top priority for protecting data confidentiality, helping to fight ransomware. To safeguard apps, users and data, a zero-trust approach is also recommended, though just 27% of government institutions run or have piloted this to date. But on the positive side, four out of five institutions make use of DNS domain filtering, and 47% have recognized the value of DNS security event information, so are sending it to their SIEM solutions to help simplify and accelerate threat remediation.
The 2020 Global DNS Threat Report research, which was conducted in collaboration with leading market intelligence firm International Data Corporation (IDC), sheds light on the frequency of the different types of DNS attack, their business impacts and the associated costs for the last year.
The full 2020 Global DNS Threat Report is available online. Read the full report here: https://www.efficientip.com/resources/idc-dns-threat-report-2020/
- END -
NOTE TO EDITORS
The research was conducted by IDC from January to April 2020. The data collected represents respondents' experience for the previous year. The results are based on 900 respondents in three regions - North America, Europe and Asia Pacific. Respondents included CISOs, CIOs, CTOs, IT Managers, Security Managers and Network Managers.
EfficientIP is a network automation and security company, specializing in DNS-DHCP-IPAM solutions (DDI), with the goal of helping organizations worldwide drive business efficiency through agile, secure and reliable infrastructure foundations. We enable IP communication and simplify network management with end-to-end visibility and smart automation, while our patented technology secures DNS services to safeguard data and ensure application access. Companies in all sectors rely on our offerings to face the challenges of key IT initiatives such as cloud applications and mobility. For further information, please visit: www.efficientip.com