The 2020 Global DNS Threat Report, published by IDC and sponsored by EfficientIP, shows that over three quarters of government organizations (78%) have been victims of DNS attacks within the last 12 months. The cost of each attack has increased by more than 14% to an average of $636,130, with one in five of the government sectors surveyed experiencing more than 10 attacks a year.
The Threat Report demonstrates that, on average, government organizations are more vulnerable to certain DNS attack types than companies in other sectors. For instance, 42% of government organizations experienced DNS-based malware (compared to an average of 34%). 24% experienced lock-up domain attacks (compared to an average of 18%).
Almost one-third of the government agencies surveyed stated that they had experienced a Distributed Denial of Service (DDoS) attack, which can cause widespread disruption of local and central government’s network traffic as well as significant website and application downtime. Government organizations also had the highest cloud instance misconfiguration abuse at 22%.
“There are certain seasons- such as elections or in a global disaster like a pandemic- when government takes center stage,” says Ronan David, VP of Strategy at EfficientIP. “During these times, governments become even more at risk from cyberattacks. And it’s not just national-level assets, it’s the state and local assets too: a successful DNS attack can result in anything from significant financial losses for public services to putting people’s data at risk of theft or distribution to a third party. Attacks can also decrease trust in government bodies at a time when a general trust in data handling is more important than ever.”
Indeed, according to the Threat Report government suffers reputational damage and loss of business more than any other sector surveyed at 35% (the average was 29%). Government organizations are also vulnerable to in-house application downtime, with almost two-thirds (62%) reporting this. Half of the organizations surveyed also experienced compromised websites and cloud service downtime due to the attacks. These organizations are more vulnerable because threat actors can steal large amounts of highly personal information through DNS breaches. Exfiltration of data via DNS is very common, and nearly always goes unnoticed by firewalls as they are incapable of performing the necessary context-aware analysis of traffic.
To mitigate these threats, the respondents in the survey rely on several methods. Government organizations are the most likely sector to attempt to throttle or block DDoS traffic at the network level. 53% of the government organizations surveyed temporarily shut down specific affected processes and connections, and 47% disabled some or all of the affected applications. A smarter approach would be to use purpose-built DNS security incorporating auto-remediation capability.
“On average, it took government institutions almost 5 hours to mitigate a DNS attack,” David says. “That’s a long time for government workers and staff who might be attempting to access vital apps and services. It’s an even longer time when you’re juggling a time-sensitive event, such as vote-counting in an election or communication during pandemic response. DNS has a stronger role to play here in combating attacks.”
Governments are utilizing DNS to some degree in shoring up security, though there is room for growth. Currently 25% of government institutions surveyed see analysis and monitoring of DNS traffic as a top priority for protecting data confidentiality, helping to fight ransomware. To safeguard apps, users and data, David recommends a zero-trust approach, though just 27% of government institutions run or have piloted this to date. But on the positive side, four out of five institutions make use of DNS domain filtering, and 47% have recognized the value of DNS security event information, so are sending it to their SIEM solutions to help simplify and accelerate threat remediation.
The 2020 Global DNS Threat Report research, which was conducted in collaboration with leading market intelligence firm International Data Corporation (IDC), sheds light on the frequency of the different types of DNS attack, their business impacts and the associated costs for the last year.
The full 2020 Global DNS Threat Report is available online. Read the full report here: https://www.efficientip.com/resources/idc-dns-threat-report-2020/
– END –
NOTE TO EDITORS
The research was conducted by IDC from January to April 2020. The data collected represents respondents’ experience for the previous year. The results are based on 900 respondents in three regions – North America, Europe and Asia Pacific. Respondents included CISOs, CIOs, CTOs, IT Managers, Security Managers and Network Managers.
ABOUT EFFICIENTIP
EfficientIP is a network automation and security company, specializing in DNS-DHCP-IPAM solutions (DDI), with the goal of helping organizations worldwide drive business efficiency through agile, secure and reliable infrastructure foundations. We enable IP communication and simplify network management with end-to-end visibility and smart automation, while our patented technology secures DNS services to safeguard data and ensure application access. Companies in all sectors rely on our offerings to face the challenges of key IT initiatives such as cloud applications and mobility. For further information, please visit: www.efficientip.com
View source version on businesswire.com: https://www.businesswire.com/news/home/20201118005824/en/