EfficientIP, a leading specialist in DNS security to ensure service continuity, user protection and data confidentiality, revealed the European results of its 2018 DNS Threat Report. The research explored the technical causes and behavioural responses towards DNS-based threats and their potential effects on businesses across the world. Globally, 77 per cent of organisations faced DNS attacks in the past year with each attack costing European businesses an average of €734,000. The consequences of not securing DNS increases the risk of data loss, service downtime, compliance failure or compromised public image.
David Williamson, CEO of EfficientIP summarised the research, saying, “New regulation made it necessary for every organisation to ensure the data they keep is secure. Surprisingly, our research shows European organisations have invested the least globally in technology, which can prevent data theft. This could be a reason as to why the region had the most data stolen. In the year ahead, it will be interesting to see how European companies will prevent data theft and avoid regulatory fines."
DNS is the gateway to every corporate network and malicious actors are targeting it as a way to steal sensitive information. The research shows the average cost per DNS attack for European organisations has risen by 43 per cent over the past year to €734,000, much higher than their North American and Asia Pacific counterparts. French organisations had the highest cost per attack at €847,000 and the UK had highest cost increase at 105 per cent to €684,000. German organisations have reduced the impact of DNS attacks over the last year, increasing only by 15 per cent this year.
On average, European companies suffered the most data theft at 39 per cent, higher than the global average at 33 per cent. Nearly half of French organisations admitted to losing sensitive data (48 per cent) and UK companies suffered the least in the region at 32 per cent. A third of European organisations had their websites compromised, with nearly half (48 per cent) of Spanish organisations admitted to website downtime. A quarter (25 per cent) of French organisations suffered loss of business as a consequence of DNS attacks.
European organisations are more effective than their global peers at protecting their cloud services. On average, a third (34 per cent) of European businesses suffered cloud downtime, lower than the global average at 40 per cent. Within the region, France has the most cloud outages due to DNS attacks at 41 per cent, whereas Germany was the lowest at 28 per cent.
The top five DNS-based attacks in Europe reflect the global top five, with DNS-based malware (39 per cent) being the most popular attack faced in the region, followed by phishing at 34 per cent, DNS DDoS attacks at 20 per cent, DNS tunneling at 19 per cent, domain lock-up at 18 per cent. DNS-based malware were more prevalent than anywhere else in world, with Germany facing the most attacks at 44 per cent. Spanish organisations faced more DNS tunneling attacks at 24 per cent than their European peers.
DNS is recognized as a prime target for data exfiltration. Protecting the DNS requires monitoring and analysis of traffic to identify threats once they enter the corporate network. Conventional end-point and firewall technologies primarily focus on protecting the perimeter of every corporate network, therefore they are redundant once the threat moves inside.
European companies prioritised investment in securing network endpoints (38 per cent), the monitoring and analysis of DNS traffic at 36 per cent, and followed by firewalls at 20 per cent. It’s positive to see DNS investment move into the top three, but more can be done in this area, and it maybe why European organisations had the most data stolen within the last year.