DNS attacks saw a sharp increase at the start of the year. Businesses should make better use of the DNS through threat intelligence and behavioral analysis to improve their ability to protect against attacks.
The 2020 edition of the survey, IDC 2020 Global DNS Threat Report conducted by IDC on behalf of EfficientIP, reveals the proliferation of different types of DNS attacks and their financial impacts for the period from January to April 2020. It points out in particular that, while the average number of attacks and the associated costs remain high, the transformation of businesses and awareness of the challenges of DNS security are increasing. The survey was conducted with 900 professionals present in three regions, North America, Europe and Asia-Pacific, including IT managers, security managers and network managers.
Not surprisingly, the period during which the investigation was conducted, just before and then during containment, reveals that the percentage of companies, having experienced interruptions in access to their cloud services following DNS attacks, increased by nearly 22%, the largest increase measured for affected systems. In addition, 79% of network managers in France consider the DNS to be an essential element for the security of their network, compared to 66% the previous year.
The cost of attacks has dropped, but the number has increased
The report reveals that the average cost of DNS attacks in Europe, however, dropped significantly, from 1.08 million euros in 2018 to around 802,047 € (a decrease of almost 26%). In France, the average cost of an attack in 2020 is the lowest, with € 749,740, which represents a significant drop of more than 22% compared to the previous year.
In parallel, the average number of attacks increased slightly in France, from 7.65 to 7.95. The threat of DNS attacks therefore remains very real, in particular phishing attacks, the most widespread DNS attack in France, suffered by 40.2% of businesses in the last 12 months, followed by malware based on DNS (30 , 39%) and DDoS attacks (22.55%).
Compared to the 2019 survey, almost four out of five organizations (79%) suffered DNS attacks in 2019, the average financial cost of each attack being around € 840,840. Organizations across all industries have suffered an average of 9.5 attacks this year, placing the DNS at the heart of network security for cybercriminals, who use it either as a vehicle or as the ultimate target of an attack, according to the study.
The cloud more and more attacked…
DNS attacks seem to be increasingly affecting the cloud. Businesses experiencing cloud service outages have grown from 41% in the 2019 report to almost 50% this year, an increase of nearly 22%. As in the previous year, a large majority of companies surveyed experienced interruptions in their internal applications (62% this year compared to 63% in 2019). Overall, application downtime, whether internal or in the cloud, is the most significant sequel to DNS attacks. Among the companies questioned, 82% declared that they had experienced a more or less moderate interruption.
This sixth edition of the report also shows the wide range and evolution of attack types worldwide, from the most volumetric, to the weak signal. This year, in terms of global cyberattacks, phishing was the most widespread attack (39% of companies were subjected to phishing attempts), ahead of malware-based attacks (34%) and DDoS (27%) . Note that the size of DDoS attacks is also increasing, with almost two thirds (64%) being greater than 5 Gbit / s.
… And more and more aware companies
However, despite these figures, or because of these figures, which are still worrying, companies are becoming more and more aware of the means to fight against these attacks: 77% of respondents worldwide considered that DNS security was an element essential to their network security (almost 80% in France), compared to 64% the previous year. In addition, the use of Zero Trust strategies is reaching maturity: 31% of companies are now applying or piloting the Zero Trust strategy (almost 25% in France), compared to 17% last year. Finally, the use of predictive analytics increased from 45% to 55%.
“The DNS offers valuable information that is currently underutilized in the fight against potential hackers,” said the report. According to 2020 results, currently 25% of companies do not analyze their DNS traffic (compared to 30% last year), and 35% of organizations do not use internal DNS traffic for filtering. Only 12% collect DNS registers and establish correlations via machine learning.