3 in 5 organisations prepared for a surge in DNS threats over the holiday period

Despite preparations, over a quarter (29%) have reservations about their ability to respond to attacks.

  • 4 years ago Posted in
Neustar has released a new report from the Neustar International Security Council (NISC) which explores the rise in DNS security threats over the peak retail period.

 

With more people shopping online than ever before amid the pandemic, 78% of cybersecurity professionals said they expect to see an increase in DNS-related security threats over the next month. To prepare their organisations for this upcoming surge, three in five (59%) have altered their DNS security methods in the run up to the holiday season.

 

Despite these preparations, however, over a quarter (29%) admitted to having reservations around their ability to respond to DNS attacks, which can be largely attributed to the shifting and complex DNS threat landscape. Out of the range of DNS threats that exist today, the cybersecurity community ranked domain hijacking (41%) as their top concern and the attack they are most likely to fall victim to, followed by DNS spoofing/cache poisoning (28%), DNS tunneling (16%) and zombie domain attacks (15%). In fact, three in five respondents confessed to being hit by one of these threats in the past year.

 

“Acting as the Internet’s address book and backbone of today’s digital services, it’s unsurprising that DNS is an increasingly appealing vector for malicious actors, particularly as more consumers turn to websites during peak online shopping periods,” said Rodney Joffe, Chairman of NISC, SVP and Fellow, Neustar. “When successful, DNS attacks can have damaging repercussions to an organisation’s online presence, brand and reputation. A domain hijacking attack, for example, can result in hackers taking control of a company’s domain and using it to host malware or launch phishing campaigns that evade spam filters and other reputational protections. In a worst-case scenario, this type of attack can even lead to an organisation losing its domain altogether.”

 

“While organisations are aware of the severity of DNS attacks, it’s important that they continue to take proactive steps to protect themselves and their customers against the different threats,” Joffe continued. “This should involve regular DNS audits and constant monitoring to ensure a thorough understanding of all DNS traffic and activity. Crucially, DNS data can also provide organisations with timely, actionable and important threat insights, allowing them to not only protect against DNS-related threats, but also mitigate the vast majority of malware, viruses and suspicious content before critical systems are infiltrated.”

 

Findings from the latest NISC research highlighted a 13.6-point year-on-year increase in the International Cyber Benchmarks Index. Calculated based on the changing level of threats and impact of cyberattacks, the index has maintained an upward trend since May 2017.

 

Research shows ‘game needs to be changed,’ with security innovation years behind that of the...
73% of organizations lack automated patch management, and 62% experienced incidents involving...
Quest Software has signed a definitive agreement with Clearlake Capital Group, L.P. (together with...
Dell EMC PowerProtect Cyber Recovery for AWS provides a fast, easy-to-deploy public cloud vault to...
Aqua’s cloud native application protection platform becomes the only solution that protects cloud...
54% of organisations working on a security transformation project now or in the next 12 months.
Node4 has released its Mid-Market IT Priorities Report 2021. The independent report reveals that...
Zscaler Zero Trust exchange cloud-based architecture enables superior green security capabilities...