The Leading News & Information Service For The Facilities, Workplace & Built Environment Community

Saturday, 17 August

Denial Of Service Costs Escalate

DNS Threat Report

A DNS Threat Report has revealed the cost per attack has increased by 57% to $715,000 for organisations globally. EfficientIP, a specialist in DNS security to ensure service continuity, user protection and data confidentiality, announced the results of its 2018 Global DNS Threat Report recently.

It explored the technical causes and behavioural responses towards DNS based threats and their potential effects on businesses across the world. Over the past year, organisations on average faced seven DNS attacks, which cost some businesses more than $5 million in damages.

The major issues highlighted by the study in its third year include the increase in cost of DNS attacks, the evolving popularity of attacks, a failure to adapt security solutions to protect DNS on-premise or in the cloud and investment priorities to ensure data confidentiality. The consequences of not securing the DNS creates a higher risk of data loss, service downtime, compliance failure or compromised public image.

David Williamson, CEO of EfficientIP summarised the research, saying: “Worryingly, the frequency and financial consequences of DNS attacks have risen and businesses are late in implementing purpose built security solutions to prevent, detect and mitigate attacks. On the positive side, business and IT leaders globally now have a better understanding on why DNS is fundamental to ensuring business continuity and data confidentiality, so securing DNS has become a top priority for them."

 

The increasing cost per attack - varies country by country

More than three-quarters (77%) of organisations surveyed were subject to a DNS attack in 2018. The global average cost per DNS attack increased by 57% year-on-year, standing at $715,000. However, the cost per attack and its growth vary country by country.

A regional overview of cost per DNS attack shows in Europe, UK respondents witnessed the highest year-on-year increase in cost per DNS attack at 105%, whereas French organisations had the highest cost at $974,000. In North America, USA organisations faced the highest cost at $654,000 and the highest cost increase at 82%. In Asia-Pacific, Singapore had the highest cost at $710,000 per attack as well as the highest cost increase at 85%.

 

The five most popular DNS-based attacks in 2018

The most popular DNS threats has changed compared with last year. DNS based malware has remained the joint most popular alongside Phishing (36%), followed by DDoS attacks (20%), Lock-up Domain attacks (20%) and DNS Tunneling (20%).

 

The top impacts of DNS-attacks, damaging reputation and the bottom line

Well-publicised cyber attacks such as WannaCry and NotPetya caused financial and reputational damage to organisations across the world. The impact caused by DNS based attacks is as important due to its mission-critical role. Two-in-five (40%) organisations suffered cloud outages and one-third (33%) of respondents were victims of data theft. One-in-five (22%) businesses had lost business due to DNS attacks.

 

Organisational investments on GDPR compliance, DNS protection is the priority

Organisations are investing to comply with the new data protection regulation which has a global remit. DNS is recognised as a prime target for data exfiltration.

To ensure data confidentiality, respondents are prioritising technology investment on the monitoring and analysis of DNS traffic (38%) over conventional security solutions such as firewalls (21%) and endpoint protection (35%).

EU GDPR has been framed around the location of the data subject, rather than the data controller or data processor, leading to a global impact. This is reflected in the investment for GDPR compliance as organisations based outside the EU have spent over $1 million on average. US organisations have spent more on average at $1,417,000 than some EU member counterparts such as the UK ($1,165,000) and Spain ($1,223,000). German businesses lead the European and global rankings with each spending $1,752,000 on average. In Asia-Pacific, Singaporean businesses lead the way with each spending $1,361,000 on average.

Picture: A DNS Threat Report has revealed the cost per attack has increased by 57% to $715,000 for organisations globally.

 

Article written by Brian Shillibeer

Share



Related Articles

Are You Ready For Business Change?

Andrew Carwardine offers 7 Steps to Change & Put Process Back On The Agenda. Thanks to GDPR, processes are back on the agenda but why the wait? Shouldn't we...

 Read Full Article
Gangsters' Paradise Leads To Jail Terms For Business Phishing Scam

Gangsters who altered business emails to rip-off more than £1 million have gone to jail. Two members of the Nigerian organised crime group who committed the fraud...

 Read Full Article
Two Million Fleet Drivers To Revalidate Driving Licence Data Consent

There are over two million drivers who will have to revalidate their driving licence data consent, writes Malcolm Maycock, Chair of the ADLV. Whilst this is a mammoth...

 Read Full Article
Raising The Bar – Consent Under The GDPR

Straight from the horse's mouth, Steve Wood, Deputy Information Commissioner, writes for ThisWeekinFM on the topic of 'consent', how to get it and what to do...

 Read Full Article
GDPR - No Confidence In Compliance. Mobile Workers Are Biggest Hazard

Most companies are not confident of being fully compliant ahead of the GDPR deadline with the biggest fear being the loss of data on laptops and other mobile...

 Read Full Article
Is BYOD Creating A GDPR Risk For Your Business?

Does your Bring Your Own Device (BYOD) stance have the potential to create risks relating to data protection or breaches, as a result of staff using a single smartphone...

 Read Full Article
Crown Prosecutions Service Prosecuted - And Other GDPR-type Convictions

You could hardly make it up but the Crown Prosecutions Service has been fined after losing victim interview videos - PLUS a variety of convictions including a...

 Read Full Article
GDPR - What A Scam

GDPR has gifted scammers with a new hook for sending phishing emails. Many internet users are now receiving emails from organisations that they have online dealings with,...

 Read Full Article
Human Error Could Cost UK Businesses Up To €20 Million

Over three-quarters of British businesses say that a proportion of inbound mail and communications is incorrectly allocated due to physical handling, creating an...

 Read Full Article
123456 - 23.2 Million Cyber Victims Used This Password

The most hacked passwords have been revealed as a UK cyber survey exposes gaps in online security with global breach analysis finding 23.2 million victims used 123456 as...

 Read Full Article