EfficientIP presents the results of its eighth DNS Threat Report showing the impact of Domain Name System (DNS) attacks on business operations over the past 12 months. The study conducted by the firm IDC shows that 88% of the companies questioned were targeted by one or more attacks and that on average, each successful attack cost $ 942,000. 70% of respondents had to deal with internal and cloud application downtime of 6 hours and 7 minutes on average. Nearly a quarter (24%) of businesses also have stolen intellectual property (IP) or sensitive data as a result of DNS attacks.
According to the report, while 73% of the companies surveyed consider DNS security to be important, only 43% of organizations do not use a security solution integrated with a DNS server and 62% still do not use automatic remediation. to ensure the security of the service.
“Arming DNS against cyber threats is very important. DNS is a critical foundation of any organization’s network security strategy. But every year, we see the same disturbing trends and data, which shows that organizations don’t take these risks seriously, ”said Jean-Yves Bisiaux, CTO and co-founder of EfficientIP. “At a time when we all hope that a hybrid environment can work from anywhere, business leaders must now insist that this environment is safe against hackers who continue to take advantage of this weak point in the defense. DNS should not be an Achilles heel of the organization; it should be the backbone of a resilient network security strategy designed to keep attackers stable. “
56% of respondents also agree that DNS is an integral part of their cloud computing strategy, helping build resiliency and intelligently direct application traffic to ensure availability and improve the user experience. Last year, 44% of organizations were affected by cloud service disruptions and 27% suffered DNS attacks that took advantage of incorrect cloud configuration. These effects can be mitigated by using DNS solution automation to enable provisioning and de-provisioning of IP resources and eliminate the risk of incorrect configuration. The top five DNS-based attacks experienced by organizations in the past 12 months are: Phishing (51%), Malware (43%), DDoS Attacks (30%), DNS Tunnels (28%) and hijacking/ attacking certificates (28%).
“The continued rise of digital transformation projects, which have accelerated rapidly over the past two years, as well as the adoption and migration of multi-cloud infrastructures while supporting the growing workforce distance, has resulted in more complexity. for IT security teams, ”said Romain Fouchereau, Research Manager European Security at IDC. “We know that organizations recognize the importance of using DNS capabilities to reduce attacks, but there are still weak areas in cyber defenses as attackers continue to diversify and deploy new attack strategies to infiltrate. businesses and cause damage. effective DNS tools and an active security. the strategy will ensure business continuity and greater agility and visibility when supporting the hybrid workforce. ” Procedure
The study, “2022 Global DNS Threat Report” commissioned by EfficientIP and conducted by business intelligence firm International Data Corporation (IDC), interviewed CISOs, CIOs, CTOs, IT managers, security managers and network managers from companies with at least 500 employees in North America, Europe and Asia-Pacific.