2017: Bad Year for DNS Security, but Network Management Getting Hot

The past year saw some of the largest cyber attacks on record such as WannaCry, Petya and Mirai. The emergence of new threats to the corporate network poses a critical issue to current network and DNS Security capabilities. Last year’s cyber attacks, which caused financial and reputational damage to private and public sector organizations, sparked necessary conversations about how employees and the public can be protected from future threats.

In 2017 we also saw the enterprise IT environment becoming more complex, with the growing adoption of multi-cloud and the rise of BYOD and connected devices entering corporate networks. The move to multi-cloud and edge computing calls for a more dynamic and ad hoc network environment, where it isn’t always possible to see what devices are connected to a network at any point in time and predict the capacity of IP addresses that need to be created beforehand.

IT teams must act quickly as the sheer volume of new IoT devices, cloud environments and cyber attacks to come cannot be supported by the existing DDI Infrastructure.

Here are EfficientIP’s three main 2017 takeaways:

1. Security: a year of big attacks and bad patching

2017 saw some of the largest cyber attacks on record. In May, over 150 countries around the world experienced the full force of the WannaCry malware, which took advantage of a known vulnerability that was not patched. The attack severely reduced the operations of the UK’s National Health Service, affecting the lives of thousands of people. The post-mortem showed how easily other organizations around the world, including FedEx, Renault, Telefonica, Hitachi, Petrobras, among several others, could have protected themselves if they had updated their computer software.

The Domain Name System is an easy route for attacks on the network. Our 2017 DNS Global Study found that 76% of organizations were victims of attacks via DNS. Shockingly, 83% of organizations admitted they applied less than half of the necessary security patches in response to the 11 critical vulnerabilities released by BIND in 2016.

It is normal for those who work outside the cyber security industry to find the topic very hard to understand. However, as we saw with the attacks on Equifax and Deloitte, cyber security is also problematic for those who live and breathe security every day. The commercial success of both of the previously-mentioned companies depends on the adequate protection of their customers’ sensitive data. Apart from compromising the details of over 150 million people worldwide, Equifax’s seemingly lethargic and inadequate communications with customers and regulators after the breach drew the ire of many. Fortunately, this 2017 breach could be a silver lining for Equifax before the EU General Data Protection Regulation comes into force in May 2018 – it serves as a warning to all organizations to review and plan to comply with the world’s most stringent data regulations.

These attacks have sparked a much-needed conversation in the boardroom. The Equifax CEO resigned in the immediate aftermath of his company’s breach being made public. Cyber security is not a problem for merely for IT any more- it could cost CEOs their jobs. With DNS being an open door for security in most networks, protecting it is of prime importance to defend an organization’s business and secure its data.

2. IoT emerges as the next security frontier

2017 was a tough year for IT security professionals and businesses who were victims of various attacks. Fortunately for them, attacks such as WannaCry targeted legacy systems which had been part of corporate networks for decades, and can be found and fixed quickly. However, the emerging threat that appeared in the news towards the end of 2017 was aimed at connected devices.

Aside from the incredible benefits they give businesses, such as making the supply chain more efficient and the reduction of food, water and paper wastage, connected devices pose two threats to enterprise security. The first is the sheer volume of devices available for compromise. Gartner predicts there will be over 20 billion active devices in use in 2020. Secondly, IoT is forcing organizations to manage a more dynamic and ad hoc network environment, which requires complete visibility on the network at all times.

Criminals see connected devices as a new attack vector which provides billions of open doors to enter a corporate network. Successful attacks such as the Mirai botnet and Andromeda, where hackers controlled connected devices in order to carry out much larger attacks on corporate networks, show how far IoT needs to go to protect these ‘dumb’ devices. Connected devices cannot think for themselves and deliver their output based on the command, which has potentially disastrous consequences if hackers pwn traffic lights, gas supply or health monitors which are operated by IoT devices. Switching passwords and applying security patches prevent hackers from breaking in, but they are useless if the attacker is already inside and in control of the network.

3. Multi-cloud orchestration is a must for enterprises

Cloud operations is the accepted way of IT operations for all organizations, especially in the past year. Whether you are a private or public sector company, you will have a strategic priority to move into the cloud. Tactically, cloud migration, cloud service management and cloud API management are some of the components to making cloud real for any organization.

The success of Azure and AWS has been driven by the constant business goal of reducing capital expenditure (CAPEX) so customers can get more relevant apps and services. Coupled with the natural usage of Dropbox, Google Docs and YouTube by employees, the budget for cloud operations has eaten away at the resources traditionally reserved for data centre operations.

The orchestration market is expected to grow from $4 billion in 2016 to $14 billion by 2021, according to the Cloud Orchestration Forecast by Market and Markets. The analyst highlighted the need for self-service provisioning, and flexibility, agility, and cost-efficiency as the important drivers for cloud orchestration.

The ever-decreasing cost of using cloud services, combined with its popularity, has created the industrialization of cloud deployments. Organizations should be smart when moving on-premise addresses to the cloud. Cloud projects are very complex, comprising of many organizational and technical layers, which is why 73% of cloud migrations take a year or longer. An effective migration can be achieved by integrating DDI (DNS-DHCP-IPAM) and automation into the orchestration process, for consistent, error-free configurations and lightning-fast provisioning of IP resources.

Learning from 2017 to create a successful 2018

The network faced a variety of challenges in 2017 and it will continue to do so in 2018. Sadly, securing and managing the network security today is only one complex task in a very long to-do list. IT teams are now combatting attackers targeting legacy technology as well as new technologies such as IoT entering the corporate network.

In addition, a central firewall can’t be the sole gatekeeper, especially when organizations are moving to multi-cloud or even more distributed environments such as edge computing. Managing DNS effectively keeps sensitive data secure whether you are using on-premise, cloud, or hybrid infrastructure. It’ll keep the regulators happy, too.

The cloud is here to stay. Talent and budget are being moved to implementing cloud services and away from managing on-premise data centres. Most large organizations now work with a variety of cloud services and tools. To get the best of cloud investments and avoid issues such as VM sprawl, DDI technology should be integrated to cloud orchestrators, automating the provisioning of IP resources and ensuring the security of cloud infrastructure.

Read the [UPDATE] 2021 DNS Threat Survey Report, and learn how to elevate your performance.