Hybrid working and cloud migration during the course of the pandemic has led to a surge in DNS-related attacks, with application downtime and data theft a major consequence, according to IDC.
The analyst’s 2022 Global DNS Threat Report is sponsored by security vendor efficientIP and compiled from interviews with over 1000 global organizations with more than 500 employees.
The report revealed that 88% of organizations suffered DNS-related attacks over the past year, at an average of seven per responding company.
These include DNS tunnelling, phishing, malware, zero-day exploits, DDoS attacks, DNS hijacking and cloud misconfiguration abuse. All categories saw an increase in frequency of attacks over the previous year.
The DNS layer is often overlooked by IT teams because firewalls are set to allowlist traffic. However, its near ubiquity in modern IT environments and insecure design make it a popular vector for attack. In fact, almost all cyber-attacks use DNS at some point in their lifecycle, according to the NCSC.
The risks associated with DNS have only grown during the pandemic, IDC argued.
“Hybrid work models have created new challenges for IT teams. With the disappearance of the perimeter, both attack surface and cloud usage have increased considerably,” it noted.
“Survey results show that the number and size of attacks remain very high, and cyber-criminals are using all available tools to gain access to networks, disrupt operations, and steal data by leveraging vulnerabilities and cloud misconfigurations.”
Some 70% of respondents said they suffered application downtime as a result of DNS attacks – both related to in-house and cloud-based applications. A quarter (24%) had customer data or sensitive IP stolen.
This contributed to average costs of $942,000 per attack, the report claimed. This is virtually unchanged from the $950,000 cited in last year’s report.