Skip to content

Reports & Surveys

Joint Report with IDC Shows DNS Attacks Increasingly Impacting the Cloud

Get the latest news, invites to events, and much more

June 10, 2020 |

EfficientIP and IDC: DNS Attacks Cost Nearly $1 Million Each, Increasingly Impacting the Cloud

Four out of five companies experienced a DNS attack, according to 2020 Global DNS Threat Report

Cloud service downtime as a result of attacks increased by 22%, the sharpest growth measured for impacted systems

EfficientIP, a leading specialist in DNS security for service continuity, user protection and data confidentiality, today announced the results of its 2020 Global DNS Threat Report. The annual research, which was conducted in collaboration with leading market intelligence firm International Data Corporation (IDC), sheds light on the frequency of the different types of DNS attacks and the associated costs for the last year.

Nearly four out of five organizations (79%) experienced DNS attacks, with the average cost of each attack hovering around $924,000. The report shows that organizations across all industries suffered an average 9.5 attacks this year. These figures illustrate the pivotal role of the DNS for network security, as threat actors make use of DNSโ€™ dual capacity as either a threat vector or a direct objective.

In terms of regional damage from DNS attacks, North America leads the way with the average cost of attack at $1,073,000. This is a modest decrease by about 1.36% from the year prior. And while the United States saw nearly a 4% decrease in attack damages, it still has the highest cost globally at $1,082,710.

Attackers appear to increasingly target the cloud. As the number of business-critical applications hosted in hybrid-cloud environments has increased, so has the attack surface for cybercriminals. The Threat Report shows that companies that suffered cloud service downtime increased from 41% in 2019 to 50% in 2020, a sharp growth of nearly 22%. The increased adoption of cloud services during the global COVID-19 pandemic could make the cloud even more attractive for attackers.

In-house app downtime remained extremely high: 62% this year compared to 63% last year. As a whole, application downtimeโ€”whether in-house or in the cloudโ€”remains the most significant result of DNS attacks; of the companies surveyed, 82% said that they had experienced application downtime of some kind.

The Threat Report, now in its sixth year, shows the broad range and changing popularity of attack types ranging from volumetric to low signal. This year phishing led in popularity (39% of companies experienced phishing attempts), malware-based attacks (34%), and traditional DDoS (27%). Crucially, the size of DDoS attacks is also increasing, with almost two-thirds (64%) being over 5Gbit/s.

Despite these worrying numbers, enterprise awareness of how to combat these attacks is improving: 77% of respondents in the 2020 Threat Report deemed DNS security a critical component of their network architecture, compared to 64% in the previous year. Additionally, use of Zero Trust strategies is maturing: 31% of companies are now running or piloting Zero Trust, up from 17% last year. Use of predictive analytics has increased from 45% to 55%.

โ€œRecognition of DNS security criticality has increased to 77% as most organizations are now impacted by a DNS attack or vulnerability of some sort on a regular basis,โ€ says Romain Fouchereau, Research Manager European Security at IDC. โ€œThe consequences of such attacks can be very damaging financially, but also have a direct impact on the ability to conduct business. Ensuring DNS service availability and integrity must become a priority for any organization.”

DNS offers valuable information against would-be hackers that is currently going underutilized. According to results from the 2020 Threat Report, currently 25% of companies perform no analytics on their DNS traffic (compared to 30% last year). 35% of organizations do not make use of internal DNS traffic for filtering, and only 12% collect DNS logs and correlate through machine learning.

โ€œIn this era of key IT initiatives like IoT, Edge, SD-WAN and 5G, DNS should play a much larger role in the security ecosystem,โ€ says Ronan David, VP of Strategy for EfficientIP. โ€œIt offers valuable information that can make security strategies against hackers much more proactive and preventative. The COVID-19 pandemic has exacerbated the need to shore up DNS defenses, when any network or app downtime has major business implications.โ€

There are several ways that companies can make better use of DNS with threat intelligence and User Behavioral Analytics, to enhance attack protection capacity. A DNS security solution can feed SIEMs and SOCs with actionable data & events, thus simplifying and accelerating detection and remediation. Of companies surveyed, 29% used Security and Event Management (SIEM) software to detect compromised devices, and 33% of companies passed DNS information to SIEM for analysis (up from 22% in 2019).

The full 2020 Global DNS Threat Report is available online.

RESEARCH NOTES
The research was conducted by IDC from January to April 2020. The data collected represents respondents’ experience for the previous year. The results are based on 900 respondents in three regions – North America, Europe and Asia Pacific. Respondents included CISOs, CIOs, CTOs, IT Managers, Security Managers and Network Managers.

View press release as PDF

Simplify & Secure Your Network

When our goal is to help companies face the challenges of modern infrastructures and digital transformation, actions speak louder than words.

Key Resources

Ema 2024 Report for Zero Trust
Reports & Surveys
EMA Zero Trust Report: How Network Teams Support Security
Explore
2024 Gigaom Ddi Radar
Reports & Surveys
2024 GigaOm Radar Report for DDI
Explore
Enterprise Network Automation Emerging from the Dark Ages and Reaching Toward Netdevops
Reports & Surveys
Enterprise Network Automation: Emerging From the Dark Ages and Reaching Toward NetDevOps
Explore
Gorilla Guide 2023 for Network Automation
Reports & Surveys
The Gorilla Guide to Network Automation
Explore
Ema 2023 Ddi Directions Report
Reports & Surveys
EMA 2023 DDI Directions: DDI Strategies for Multi-Cloud
Explore
Gigaom 2023 Radar Report for Ddi
Reports & Surveys
GigaOm 2023 Radar Report for DDI Solutions
Explore
Idc 2023 Global Dns Threat Report
Reports & Surveys
IDC 2023 Global DNS Threat Report
Explore
Securing Anywhere Networking Dns Security for Business Continuity and Resilience
Reports & Surveys
IDC 2022 Global DNS Threat Report
Explore
Reports & Surveys White Papers
The Tolly Group DDI ROI Report
Explore
Reports & Surveys
IDC 2021 Global DNS Threat Report
Explore