EfficientIP Report: Governments sleepwalking into $6.7M of DNS cyberattack damage each year

Share Article

Research reveals the government sector is the most popular target for Domain Name Systems attacks

Our latest research shows governments are significantly more exposed than other sectors to DNS attacks. This is unacceptable when governments are trusted with sensitive information by their citizens, so they need to understand the potential risks to protect both themselves and the public.

EfficientIP, specialists in Domain Name System (DNS) security for service continuity, user protection and data confidentiality, reveals government organizations were hit by the highest number of DNS attacks per year in this IDC Infobrief, sponsored by EfficientIP, 2019 Global DNS Threat Report. Government suffers an average of 12 DNS attacks per year, with each attack costing an average of $558,000, amounting to $6.7 million annually.

Over half (51%) of government organizations suffered in-house application downtime as a result of DNS attacks in the last 12 months, rendering potentially vital services inaccessible, while 43% faced cloud service downtime. 41% of organizations were impacted by compromised websites, putting data at risk. Almost one in five (19%) government respondents also reported sensitive information or intellectual property being stolen via DNS, by far the highest among all industries.

The typical DNS attack takes over seven hours for government organizations to mitigate, leaving the door wide open to a huge potential loss of sensitive personal and financial data. 51% of government respondents admitted to shutting down a server to stop an attack once underway, indicating that the countermeasures in place are not adapted to ensure service continuity.

Despite the risk, one-third (32%) of government respondents don’t recognise the critical nature of DNS to operations, stating DNS security is only low or moderately important. Furthermore, one third (32%) of government sector respondents don’t perform analytics on DNS traffic, suggesting respondents are potentially unaware of how DNS downtime deprives users access to essential applications or government services.

David Williamson, CEO of EfficientIP, commented on the report’s findings:

“With an increasing number of government services moving online, hackers have more points of attack to exploit than ever before. When 91% of malware uses DNS, analysis of DNS transactions is vital for uncovering these dangerous threats hidden in network traffic. In particular, the detection of data exfiltration via DNS requires visibility and analytics on transactions from the client to the destination domain.

Despite this, our latest research shows governments are significantly more exposed than other sectors to DNS attacks. This is unacceptable when governments are trusted with sensitive information by their citizens, so they need to understand the potential risks to protect both themselves and the public.”

Government was tied with healthcare as the sectors putting the least importance on Machine Learning (ML) for detecting unknown malicious domains or Domain Generation Algorithms (DGAs). Government also has the lowest rate of adoption for the Zero Trust cybersecurity approach of any sector surveyed.

ENDS

Notes to Editors
The IDC InfoBrief 2019 Global DNS Threat Report - EUR145072419
The research was conducted by IDC from January to April 2019. The results are based on 904 respondents in three regions - North America, Europe and Asia Pacific. Respondents included CISOs, CIOs, CTOs, IT Managers, Security Managers and Network Managers.

To read the full IDC InfoBrief please click here.

About EfficientIP
EfficientIP is a network automation and security company, specializing in DNS-DHCP-IPAM solutions (DDI), with the goal of helping organizations worldwide drive business efficiency through agile, secure and reliable infrastructure foundations. Integrated solutions enable IP communication and simplify network management with end-to-end visibility and smart automation, while patented technology secures DNS services to safeguard data and ensure application access. Companies in all sectors rely on EfficientIP offerings to face the challenges of key IT initiatives such as cloud applications and mobility. For further information, please visit: https://www.efficientip.com.

Share article on social media or email:

View article via:

Pdf Print

Contact Author

BETH FICHTEL | CASSANDRA HEGARTY
Visit website