On average, a DNS attack costs $715,000 to organizations globally, up from $456,000 a year before, according to 2018 DNS Threat Report by EfficientIP.
EfficientIP surveyed 1000 organizations around Europe, Asia Pacific and North America to analyze the technical and behavioral causes of the rise in DNS (domain name system) threats, their effects on business, and remedies.
The report highlighted that organizations faced average seven DNS attacks in 2017, which costed around $5 million in damages. The organizations which don’t secure the DNS are at a higher risk of data loss, service downtime, compliance failure or compromised public image.
Key findings of the 2018 DNS Threat Report:
Average cost per attack increasing YoY
77% of the organizations were found subject to a DNS attack in 2018. The research shows that the average cost of damages caused by a DNS attack has increased by 57% over the previous year. The cost per attack varied country by country. For instance, cost per attack in France is $974,000, whereas it costs $654,000 to organization in North America.
DNS-based malware and phishing: Top DNS threats in 2018
DNS-based malware (36%) and Phishing (36%) are the most popular DNS threats in 2018, both of which have increased as compared to last year. Along these attacks, the DDoS attacks, Lock-up Domain attacks, and DNS Tunneling are the top DNS attacks, each of which accounts for 20% of all the DNS attacks in 2018.
DNS attacks damage brand image
The major cyber-attacks like WannaCry and NotPetya caused financial/brand damage and customer churn for organizations globally.
Due to DNS attacks, 40% of the organizations suffered cloud outages, 33% were victims of data theft, whereas, 22% lost their business. On average, an organization takes 7 hours to mitigate the attack, up 40% from a year before.
All industries vulnerable to DNS attacks
Further, the report revealed that all the industries are vulnerable to DNS attacks. The public sector takes the longest to mitigate an attack, while healthcare faces the highest cloud downtime. The telecom sector had the most sensitive customer information stolen, while it costed the highest to financial sector.
“Worryingly, the frequency and financial consequences of DNS attacks have risen and businesses are late in implementing purpose-built security solutions to prevent, detect and mitigate attacks. On the positive side, business and IT leaders globally now have a better understanding on why DNS is fundamental to ensuring business continuity and data confidentiality, so securing DNS has become a top priority for them,” said David Williamson, CEO of EfficientIP.
Read full report here.