Skip to main

You are here

Volume of DNS attacks on the rise warns IDC in 2021 Threat Report

DNS must play a role in an effective system, said Ronan David, VP of strategy, Efficient IP

 

The number of DNS attacks has risen globally in the last year, according to research by IDC. The 2021 Global DNS Threat Report states that 87% of survey respondents experienced some form of DNS attack in the last 12 months – an 8% increase on last’s year’s report.

Of the UK organisations surveyed, 91% claimed they had suffered DNS attack in the last year, however, there was a 27% decline in the damages stemming from DNS attacks. Damages in 2021 were GBP£530,659 (€596,083) a drop from £729,131 in the previous year.

Damages in Europe averaged £662,271 (€743,920) per incident – a 3% increase from the 2020 report.

UK companies in the survey also reported the lowest average number of incidents – 5.78 – in the last year.

The report, which was sponsored by Efficient IP, found that cyber criminals had increasingly targeted cloud infrastructure and remote working sites. Around a quarter of respondents suffered a DNS attack abusing cloud misconfiguration, with almost half of companies – 47% – experienced cloud service downtime as a result of DNS attacks.

The report, now in is seventh year, also identified a 10% year-on-year hike in the data theft – overall 26% of respondents said they were a victim of data theft as a result of a DNS attack.

“While it is positive that companies want to use DNS to protect their increasingly remote workforces, organisations are continuing to suffer the costly impacts of DNS attacks,” says Romain Fouchereau, research manager, European Security, IDC.

“As threat actors seek to diversify their toolkits, businesses must continue to be aware of the variety of threats posed, ensuring DNS security is a key priority to preventing these,” he added.

The report also indicated that zero trust was evolving as a tool to protect networks. According to IDC, 75% of respondents are planning, implementing or running zero trust initiatives. A further 43% of companies believe DNS domain ‘deny and allow’ lists are highly valuable for improving control over access to apps.

The report identifies the two methods considered most effective by end user organisations to prevent theft are securing network endpoints and better monitoring and analysis of DNS traffic.

“This past year of the pandemic has shown us that DNS must play a role in an effective security system,” said Ronan David, VP of strategy, Efficient IP. 

“As workers look to more permanently transition to off-premise sites, making use of cloud, IoT, edge and 5G, companies and telecom providers should look to DNS for a proactive security strategy. This will ensure the prevention of network or application downtime [and protect] organisations from confidential data theft and financial losses,” he added.

The report makes three recommendations for protecting data, apps, cloud services and users, including enhancing the privacy of remote workers with a private DoH solution, eliminating cloud service downtime caused by cloud misconfigurations through automating life-cycle management of IP resource and making DNS the first line of defense to stop the spread of attacks.