EfficientIP and IDC: Cost per DNS attack in India remains close to USD 800K, while volume of attacks per company on the rise

EfficientIP, a leading specialist in DNS security for service continuity, user protection and data confidentiality, today announced the results of its 2020 Global DNS Threat Report.

The annual research, which was conducted in collaboration with leading market intelligence firm International Data Corporation (IDC), sheds light on the frequency of the different types of DNS attack and the associated costs for the last year.

Nearly four out of five orgzations (79 per cent) experienced DNS attacks, with the average cost of each attack hovering around USD 924K. The Report shows that orgzations across all industries suffered an average 9.5 attacks this year. These figures illustrate the pivotal role of the DNS for network security, as threat actors make use of DNS' dual capacity as either a threat vector or a direct objective.

Costs of attacks in India decreased by 6.08 per cent, from about USD 835K to USD 784K. This is a slightly higher decrease in costs compared to the entire Asia region, which saw a decrease of 2.62 per cent from USD 814K to USD 792K.

Despite a decrease in costs per attack, of the countries surveyed, India saw the highest number of attacks suffered by a company, 12.13 per orgsation. 27 per cent of compes in India had sensitive customer information stolen, compared to 16 per cent globally. Poor brand image is also of major concern; India surpassed the global average of 29 per cent, with 44 per cent of compes surveyed in India suffering brand damage due to DNS attacks.

Attackers appear to increasingly target the cloud. As the number of business-critical applications hosted in hybrid-cloud environments has increased, so has the attack surface for cybercriminals. The Threat Report shows that the number of businesses that suffered from cloud service downtime increased from 41 per cent in 2019 to 50 per cent in 2020, a sharp growth of nearly 22 per cent.

Cloud service downtime in India surpassed the global average, reaching 65 per cent. The increased adoption of cloud services during the global COVID-19 pandemic could make the cloud even more attractive for attackers.

In-house app downtime remained extremely high: 62 per cent this year compared to 63 per cent last year. As a whole, application downtime-whether in-house or in the cloud-remains the most significant result of DNS attacks; of the compes surveyed, 82 per cent said that they had experienced application downtime of some kind.

The Threat Report, now in its sixth year, shows the broad range and changing popularity of attack types ranging from volumetric to low signal. This year phishing led in popularity (39 per cent of compes experienced phishing attempts), malware-based attacks (34 per cent), and traditional DDoS (27 per cent). Crucially, the size of DDoS attacks is also increasing, with almost two-thirds (64 per cent) being over 5Gbit/s.

Despite these worrying numbers, enterprise awareness of how to combat these attacks is improving: 77 per cent of respondents in the 2020 Threat Report deemed DNS security a critical component of their network architecture, compared to 64 per cent in the previous year. Additionally, use of Zero Trust strategies is maturing: 31 per cent of compes are now running or piloting Zero Trust, up from 17 per cent last year. Use of predictive analytics has increased from 45 per cent to 55 per cent.

"Recognition of DNS security criticality has increased to 77 per cent as most orgzations are now impacted by a DNS attack or vulnerability of some sort on a regular basis," says Romain Fouchereau, Research Manager European Security at IDC. "The consequences of such attacks can be very damaging financially, but also have a direct impact on the ability to conduct business. Ensuring DNS service availability and integrity must become a priority for any orgzation."

DNS offers valuable information against would-be hackers that is currently going underutilized. According to results from the 2020 Threat Report, currently 25 per cent of compes perform no analytics on their DNS traffic (compared to 30 per cent last year). 35 per cent of orgzations do not make use of internal DNS traffic for filtering, and only 12 per cent collect DNS logs and correlate through machine learning.

"In this era of key IT initiatives like IoT, Edge, SD-WAN and 5G, DNS should play a much larger role in the security ecosystem," says Ronan David, VP of Strategy for EfficientIP. "It offers valuable information that can make security strategies against hackers much more proactive and preventative. The COVID-19 pandemic has exacerbated the need to shore up DNS defenses, when any network or app downtime has major business implications."

There are several ways that compes can make better use of DNS with threat intelligence and User Behavioral Analytics, to enhance attack protection capacity. A DNS security solution can feed SIEMs and SOCs with actionable data and events, thus simplifying and accelerating detection and remediation. Of compes surveyed, 29 per cent used Security and Event Management (SIEM) software to detect compromised devices, and 33 per cent of compes passed DNS information to SIEM for analysis (up from 22 per cent in 2019).

This story is provided by NewsVoir. will not be responsible in any way for the content of this article (/NewsVoir)

( With inputs from ANI )