Editorial

IDC: DNS attacks on the rise in the Government space

Governments suffer an average of 12 DNS attacks per year, with each attack costing an average of $558,000, adding up to $6.7 million annually

Posted 20 November 2019 by

Government organisations across the world were hit by the highest number of Domain Name System (DNS) attacks per year, according to new research conducted by IDC.

Government suffers an average of 12 DNS attacks per year, with each attack costing an average of $558,000, amounting to $6.7 million annually. 

“With an increasing number of government services moving online, hackers have more points of attack to exploit than ever before.”

The survey, sponsored by a network automation and security company, specialising in DNS-DHCP-IPAM solutions (DDI) called EfficientIP, also found that over half (51%) of organisations (of all types) responding to the IDC researchers had suffered in-house application downtime as a result of DNS attacks in the last 12 months, rendering potentially vital services inaccessible.

A further 43% said they’d faced cloud service downtime, while another high proportion, 41%, were impacted by compromised websites, putting data at risk – and almost one in five (19%) of government respondents also reported sensitive information or intellectual property being stolen via DNS, by far the highest among all industries.

Why this is bad news: the typical DNS attack takes over seven hours for government organisations to mitigate, leaving the door wide open to a huge potential loss of sensitive personal and financial data.

IDC also found that 51% of government respondents admitted to having to shut down a server to stop an attack once underway, indicating, it claims, that “the countermeasures in place are not adapted to ensure service continuity”. 

A third (32%) of government sector respondents admit they don’t perform analytics on DNS traffic, suggesting respondents are potentially unaware of how DNS downtime deprives users access to essential applications or government services. 

For David Williamson, CEO of EfficientIP, the study’s sponsor, the results show that, “With an increasing number of government services moving online, hackers have more points of attack to exploit than ever before.

“When 91% of malware uses DNS, analysis of DNS transactions is vital for uncovering these dangerous threats hidden in network traffic. In particular, the detection of data exfiltration via DNS requires visibility and analytics on transactions from the client to the destination domain. 

“Despite this, our latest research shows governments are significantly more exposed than other sectors to DNS attacks. This is unacceptable when governments are trusted with sensitive information by their citizens, so they need to understand the potential risks to protect both themselves and the public.”

The research we’re talking about here was conducted by IDC from January to April 2019, getting feedback from 904 respondents in three regions, North America, Europe and Asia Pacific.

Respondents included CISOs, CIOs, CTOs, IT Managers, Security Managers and Network Managers. To read the full IDC InfoBrief, please click here.