Share This Post

Articles / Cybersecurity

Average cost per DNS attack is now whopping $1.07 million: Report

Average cost per DNS attack

Around 82% of the organizations have faced a DNS (Domain Name System) attack in 2019, up 5% from 2018, according to IDC’s 2019 Global DNS Threat Report sponsored by Efficient IP.

In the last few years, organizations around the world have faced several high-profile breaches and security issues, showing that traditional security solutions are no longer suitable to protect data and provide business continuity.

In the rapidly evolving IT security threat landscape, DNS is a primary target for cyberattacks, causing huge damage to the businesses, in terms of financial loss and downtime.

To understand the critical role of DNS in network security strategy, IDC, on behalf of Efficient IP, surveyed 904 organizations across the globe in the first half of 2019. Following are the key findings of the 2019 Global DNS Threat Report:

1. Rise in DNS-based attacks

Compared to last year, the number of companies that faced DNS attacks has increased by 5%, reaching an alarming 82%. There are several types of DNS attacks and almost every attack type has risen this year.

For instance, the DNS Phishing has increased from 36% to 47%, and DNS-based malware from 36% to 39%.

2. Average cost per attack increased by 49%

The average cost of an attack in 2019 is a whopping $1.07 million, up 49% from $715k in 2018.

In 2018, the organizations experienced a strong increase in DNS attacks, impacting both in-house and cloud applications. These attacks are shifting from pure brute-force to more sophisticated attacks acting from the internal network, finds the report. This is forcing businesses to adopt intelligent mitigation tools to handle insider threats.

Suggested reading: Cybercriminals trying to exploit the trust of users to hack them: Report

3. DNS security practices need to move from reactive to proactive

Sixty-four percent of organizations consider DNS security crucial for business. However, many organizations are still using traditional security solutions like secure web gateway, next-generation firewall, data loss prevention (IPS). These solutions aren’t enough to ensure DNS service availability and integrity.

4. Every industry is prone to DNS attacks

The survey reveals that no industry is spared from the disruption of DNS attacks. All the industries, including manufacturing, healthcare, retail, financial services, education, face these attacks which results in huge damage.

For instance, the manufacturing industry faces the highest (70%) in-house application downtime as a result of DNS attacks. Whereas, 50% of healthcare organizations were found affected by a compromised website.

DNS attack disruption

Related read: Why data security is the biggest concern of healthcare and how to fix it?

5. 63% of businesses faced app downtime due to DNS attack

DNS is an essential solution to ensure service continuity. If it faces any fault or ineffectiveness, it can negatively affect the perception of the business, impact eCommerce apps, causing revenue loss and ruining the brand image.

As per the report, 63% of businesses said that they suffered app downtime as a direct result of DNS attack.

“DNS is more than ever a central network foundation, enabling all clients to access every app. Any DNS performance impact has major business implications,” said David Williamson, CEO, EfficientIP.

“At the same time, the fact that most traffic first goes through a DNS resolution gives it unique visibility over legitimate and malicious network activity. This is being widely recognized by businesses, who are starting to leverage DNS for their security strategy via threat intelligence, policy control and automation. DNS is fast becoming the guardian of networks!” he added.

For more insights, download the full 2019 Global DNS Threat Report.

Related read: Comparison between a protected and a non-protected company

Share This Post

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>