Domain Name System (DNS) attacks are affecting organizations at an alarming rate. According to a Neustar International Security Council (NISC) survey conducted in September 2021, 72% of study participants said they had experienced a DNS attack in the past 12 months.
Of those targeted, 61% were victims of multiple attacks and 11% said they were regularly victimized. While a third of those surveyed recovered within minutes, 58% saw their business disrupted for more than an hour, and 14% took several hours to recover.
DNS attacks aren’t new, and they tend to fall lower on the threat list. Ransomware, distributed denial of service (DDoS) and targeted account hacking completed the top three threats perceived by respondents to the NISC survey for the six months starting in March 2021. However, DNS attacks appear to be on the rise. progressive upward trajectory.
In its October 2020 survey, the NISC found that 47% of respondents believed DNS compromise to be a growing threat; this number has grown slowly but steadily over the past year and now stands at 55% in the latest version.
According to the survey, 92% of organizations say their website is critical to business continuity and customer satisfaction at some level, and 16% are fully enabled by it. 56% of those surveyed consider their website to play a major role in day-to-day business, while only 8% believe that they would be able to conduct their business without their website up and running.
Organizations ill-prepared to face DNS attacks
Despite the obvious reliance on a functioning website for business continuity, only 31% of survey participants were very confident in their preparation to deal with a DNS attack that could take their website offline, and 27% were not confident.
â€œOrganizations are challenged to keep pace with emerging security threats in an increasingly borderless digital landscape. While some attack vectors may not be as visible or pose as imminent a threat as others, it is clear that bad actors will exploit any vulnerabilities they can find sooner rather than later, and they will cost organizations a great deal of money. valuable time, resources and activities, â€said Michael Kaczmarek, vice president of product management for Neustar Security Solutions.
â€œTo manage DNS security, organizations must continuously analyze DNS traffic leaving their organization, ensure that they maintain good hygiene and access controls for DNS-linked accounts, and most importantly, implement DNSSEC.
Cybercriminals seem to maintain a diverse approach to their attacks. While no single vector stands out as a preferred method, the prevalence of multiple tactics gives organizations insight into where they may need to shift their attention and strengthen security protocols. For example, 47% of respondents experienced a DNS hack and almost the same proportion (46%) experienced DNS flood, reflection, or amplification attacks that turned into DDoS, a major security issue. About a third of participants experienced DNS tunneling (35%) and cache poisoning (33%).
â€œDNS attacks may not grab the headlines like large DDoS attacks or ransomware do, but the business impact cannot be ignored and their ability to be ignored makes them even more dangerous,â€ Kaczmarek continued. “The latest data indicates that organizations must remain vigilant, close security holes and patrol for potential breaches 24 hours a day.”