Global DNS Threat Survey Report Archives - Cyber Secure Forum | Forum Events Ltd
Posts Tagged :

Global DNS Threat Survey Report

UK Public and education sector face major DNS threats

 960 640 Stuart O'Brien
By:
0
0

New research has revealed DNS-based attacks cost global organisations an average of over £1.7 million in 2016 alone, with UK councils, Government offices and schools affected badly.

One in five (19%) of public sector sites and 11% of education bodies affected by DNS attacks say sensitive information was stolen, compared to 16% in the UK overall. A fifth (20%) of public sector and 12% of educational victims also think intellectual property data was lost compared to 15% for UK organisations overall, while 10% of schools and colleges affected say they needed to take more than one day to recover.

This is in the context of annual average costs of DNS security breaches to be now running at £1.7m ($2.2m) for organisations globally, with malware (35%), DDoS (32%), Cache Poisoning (23%), DNS Tunnelling (22%) and Zero-Day Exploits (19%) as the main threats.

The findings come from the 2017 Global DNS Threat Survey report, created by EfficientIP.

David Williamson, CEO of EfficientIP, pointed out that the imminent (May 2018) arrival of the General Data Protection Regulation (GDPR) should sound loud alarm bells for CIOs and CISOs working in the sectors. “In less than a year, GDPR will come into effect, so organisations really need to start rethinking their security in order to manage today’s threats and save their businesses,” he added.

Over a third (35%) of public sector organisations and a quarter (25%) of education organisations have been subjected to DNS-based Malware, DDoS (31% and 22%), Cache Poisoning (26% and 24%), DNS Tunnelling (20% and 19%) and Zero-Day attacks (19% and 13%) in the past year.

49% of education sector DNS victims also stated the size of the DDoS attack they faced was between 1Gbits/sec and 5Gbits/sec and almost a third (30%) between 5Gbits/sec and 10Gbits/sec.

Although 59% of public sector organisations and 57% of education organisations have a hosted/cloud DNS Appliance base, 36% and 35% respectively suffered cloud service downtime in the last 12 months.

“The results once again highlight that despite the evolving threat landscape and the increase in cyber-attacks, organisations across the globe and their IT departments still don’t fully appreciate the consequences of DNS-based attacks,” added Williamson.

To read the full report, click here

DNS-based attacks costs businesses $2m+ a year

 960 240 Stuart O'Brien
By:
0
0

Research by network services provider Efficient IP has revealed that poorly designed network solutions cost businesses more than $2 million a year.

The 2017 Global DNS Threat Survey Report explored the technical and behavioural causes of the rise in DNS threats and their potential effects to businesses across the world. Major issues highlighted by the study in its third year include a lack of awareness as to the variety of attacks, a failure to adapt security solutions to protect DNS and poor responses to vulnerability notifications. These concerns will not only be subject to regulatory changes, but also create a higher risk of data loss, downtime or compromised public image.

According to the report, carried out among 1,000 respondents across APAC, Europe and North America, 94% of respondents claim DNS security is critical for this business. Yet 76% of organisations have been subjected to a DNS attack in last 12 months and 28% suffered data theft. The Global DNS Threat Survey Report also estimates the annual average costs of the damages caused by DNS attacks to be $2.236 million (for organisations with 3,000+ employees). The leading causes were Malware (35%), DDoS (32%), Cache Poisoning (23%), DNS Tunnelling (22%) or Zero-Day Exploits (19%).

“The results once again highlight that despite the evolving threat landscape and the increase in cyber-attacks, organisations across the globe and their IT departments still don’t fully appreciate the risks from DNS-based attacks,” said David Williamson, CEO at EfficientIP.

“In less than a year, GDPR will come into effect, so organisations really need to start rethinking their security in order to manage today’s threats and save their business from fines of up to £20 million or 4% of global revenue.”

Globally, the results varied widely. 39% of respondents from the UK and US demonstrated more awareness of the top 5 DNS-based attacks than Spain (38%), Australia (36%), Germany (32%) and France (27%), but less than India (50%) and Singapore (47%). In the UK, the attacks organisations are the most aware of include: DNS-based Malware (52%), DDoS (43%), DNS Tunnelling (39%), Cache Poisoning (34%) and Zero-Day Exploits (28%).

The full report and recommendations can be read here