According to data sampled by research firm Coleman Parkes from 1,000 organizations around the world, 77% of organizations suffered at least one DNS-based cyberattack in 2018. Companies were surveying sampling cover organizations active in communications, education, finance, healthcare, services, transportation, manufacturing, public, and retail. In the top five DNS-based attacks worldwide, malware and phishing took the senior two positions; domain name locking, DNS tunneling, and DDoS attacks also had a huge impact.
EfficientIP wrote in the 2018 DNS Threat Report:
“The Cisco 2016 Security Report found 91% of malware use DNS. The malware can use DNS as a vector to prepare attacks (e.g. DoS amplification or communicate with CnC servers), as well as to attack the DNS service itself.”
In 2017, phishing was not even the most common type of DNS-based attack. But in 2018, fraudsters have aggressively targeted and customized activities to increase phishing risk rates for specific industry sectors. By analyzing the data collected during the survey, Coleman Parkes found that criminals have used DNS-based attacks as a somewhat useful tool to cause favorite brand and financial loss, short-term and long-term impact on their industry goals.
The average loss of organizations affected by DNS attacks increased by about 57% from the previous year – from $456,000 in 2017 to $715,000 in 2018 – which is particularly disturbing.
Considering all the factors, the impact of DNS attacks from one industry sector to another is very different. But for all organizations, deploying proper DNS attack detection and protection measures is still critical.