DNS attacks target telecoms companies with 83% hit pre-Covid
As many as 83% of companies in the telecommunications and media sectors experienced a DNS attack in 2019 – before the Covid-19 crisis even hit.
Organisations in the sector experienced an average of 11.4 attacks last year, compared to 9.5 attacks across other industries, confirming that as an industry TMT is the most frequent victim of DNS attacks.
Further, almost one in 10 of those companies suffered costs of more than US$5 million per attack.
The figures are published in IDC’s 2020 Global DNS Threat Report, the research for which was conducted by IDC from January to April 2020. The data collected represented experiences for the previous year, with 900 respondents in three regions - North America, Europe and Asia Pacific.
Ronan David, VP of strategy, business development and marketing at EfficientIP, said: “With Covid-19 having caused a large-scale shift to remote work, telcos rely more than ever on a stable network availability and the high capacity needed to serve customer’s requests as quickly as possible.
“A successful DNS attack can have far reaching consequences – not just for the affected provider but also for its customers experiencing disruptions and outages. An effective DNS security architecture is key to fend off attacks and avoid downtimes,” David added.
The most common attack types used by hackers were phishing attacks (37%), DNS-based malware (33%), DDoS attacks (27%), lock-up domain attacks (22%), which may cause DNS resolvers to exhaust their resources, as well as DNS amplification attacks (21%) which can result in the break-down of company networks potentially causing serious economic damages and disruptions.
When successful, DNS attacked caused in-house application downtime, experienced by 60% of organisations and cloud service downtime, which was reported by 54% of telcos surveyed. The report indicated that a quarter (25%) of providers experienced brand damage while almost a third (31%) reported a loss of business. Lastly, for 18% of telcos, DNS attacks resulted in the theft of sensitive customer info. This is especially concerning since a large amount of customer information is at the mercy of the network which is trusted to perform at the highest levels.