During 2018, 77% of all organizations experienced at least one DNS-based cyber attack according to the data collected through a survey conducted by research firm Coleman Parkes on a sample of 1,000 organization from all over the world.
The organizations which took part in the study are active in the "Communications, Education, Finance, Healthcare, Services, Transportation, Manufacturing, Public Sector, Retail, and Utilities" industry sectors.
Among the organizations that suffered a DNS attack during 2018, roughly a third of them also reported that they also suffered data theft which is usually the first stepping stone to even more severe attacks.
"The Cisco 2016 Security Report found 91% of malware use DNS. The malware can use DNS as a vector to prepare attacks (e.g. DoS amplification or communicate with CnC servers), as well as to attack the DNS service itself," says EfficientIP's 2018 DNS Threat Report .
Among the top five DNS-based attacks experienced by worldwide organizations, DNS-based malware and phishing took the first two spots, while domain lock-up, DNS tunneling, and DNS DDoS attacks impacted the surveyed industry groups in an equal measure.DNS-attacks damages increasedby a rate of 57% between 2017 and 2018
When compared to 2017, when phishing attacks weren't even in the top five most encountered DNS-based attacks, during 2018 crooks used phishing in targeted and customized campaigns to increase the compromise rate for specific industry sectors and entities.
As discovered by analyzing the data gathered during the survey, bad actors use DNS-based attacks as a very efficient tool to cause a wide range of brand and financial damage to their industry targets, withshort- and long-term effects.
This is particularly troubling given that the average damages suffered by organizationsaffected by DNS attacks increased by a staggering rate of about 57% over the previous year, from $456,000 throughout 2017 to $715,000 during 2018.
All things considered, while the impact of DNS attacks varies by a large margin from one industry sector to another, having proper DNS attack detection and blocking measures in place is of paramount importance for organizations from all industries.