72% of organisations in a recent survey said they had been subject to a DNS attack in the past year

Almost 75 percent of organisations have been hit by at least one domain name system (DNS) attack within the past 12 months, according to a recent study the Neustar International Security Council (NISC). 

The survey, conducted in September 2021, revealed that 72 percent of the organisations included had experienced at least one DNS attack in the past year, with 61 percent of this number percent receiving multiple attacks and 11 percent saying they had been victimised regularly.  

Of those who had been attacked, 58 percent said their business had been disrupted for more than an hour, and 14 percent said it took them several hours to recover. However, a third of respondents claimed it only took a few minutes to resume normal service.  

According to Neustar, DNS attacks are generally of lower concern than other forms of attack to security professionals. For them, ransomware, DDoS attacks and targeted account hacking warrant greater concern. However, 55 percent of security pros consider DNS compromise an increasing threat, compared with 47 percent twelve months ago. 

In the survey, 92 percent of organisations reported that their website is vital to business continuity and customer fulfilment to some degree, with 16 percent totally reliant on it. 56 percent said their website has a major role in day-to-day activity, and only 8 percent felt they would be able to conduct business without their site. 

“Organisations are challenged to keep pace with emerging security threats in an increasingly borderless digital landscape. Although some attack vectors may not be as visible or pose as imminent a threat as others, it is clear bad actors will exploit any vulnerability they can find sooner rather than later, and they will cost organisations valuable time, resources and business,” said Michael Kaczmarek, vice-president of product management for Neustar. 

Only 31 percent of participants felt very confident in their preparedness to deal with a DNS attack that could take their website offline, with 27 percent not confident. 

“To manage DNS security, organizations need to continuously analyse the DNS traffic leaving their organization, make sure they maintain good hygiene and access controls for DNS related accounts, and, most importantly, implement DNSSEC,” continued Kaczmarek. 

There are different types of DNS attack able to be leveraged by threat actors. There appears to be a diverse approach adopted to these attacks, but the prevalence of several tactics provides an insight to which security protocols should be fortified.  

47 percent of survey respondents had been hit by DNS hijacking and 46 percent had encountered DNS flood, reflection or amplification attacks. DNS tunnelling had been experienced by 35 percent and 33 percent had been victim to cache poisoning. 

Kaczmarek emphasised the importance of not underestimating DNS attacks and of fortifying defences against this growing threat.  

“DNS attacks may not grab headlines like a big DDoS or ransomware attack does, but the business impact cannot be ignored and their ability to be overlooked makes them that much more dangerous.”  

“The latest data indicates that organizations need to remain vigilant, close security gaps, and patrol for potential breaches around the clock.” 

The vulnerability check-up provided by Securiwiser can provide an insight into your website’s DNS health and help you understand your susceptibility to DNS attacks.