The DNS (Domain Name System) is the keystone of the proper functioning of the internet. Each time you access your email or Facebook, you're using it. So when a DNS server is under attack and inaccessible, every website that it supports also becomes unavailable. DNS attacks have already had a major impact on the functioning of companies, so it is essential to learn how these attacks work and to implement measures to protect yourself from them.
The Domain Name System is a growing target for cyberattacks designed to cause downtime or simply harm businesses. When attacking it, a cybercriminal usually exploits a vulnerability. The DNS can be used by attackers as a vector for stealing valuable data or launching a DDoS attack. According to the DNS Threat Survey 2017, conducted by EfficientIP, 76% of organizations have fallen victim to a DNS attack this year.
What are the most common DNS attacks?
There is a wide variety of these attacks that companies should be aware of. According to this study, there are three attacks in particular that mainly concern companies. The first of these is the DDoS attack on a DNS server, where attackers flood the servers with traffic and the service becomes inaccessible to users. In October 2016, a cyberattack on the servers of Dyn, the US company that controls most of the DNS infrastructure, caused sites like The Guardian, Reddit and CNN to go offline. In a survey of IT security managers, 32% reported having been victims of this type of attack, a significant increase from 22% in 2016.
The second method, and the one that most concerns companies, involves data theft via DNS. In this case, cybercriminals take advantage of the DNS to exfiltrate data over the User Datagram Protocol, using a tunnel to transfer data or to seize control of the computer. Because firewalls and other traditional security solutions do not perform deep inspection of DNS traffic, they are unable to detect when the protocol is being abused. This year, of those surveyed by EfficientIP, 28% reported that sensitive data had been stolen from them as a result of this vulnerability.
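The inspection gap described above can be narrowed by analysing resolver query logs. The following Python code is an added example, not code from the original article or from the survey: it flags clients that send many distinct long, high-entropy subdomains to a single domain, a common sign of DNS tunnelling. The log format, thresholds, addresses and domain names are constructed assumptions.

```python
import math
from collections import Counter, defaultdict

MIN_LEN = 24        # assumed threshold: characters in the subdomain part
MIN_ENTROPY = 3.5   # assumed threshold: bits per character
MIN_UNIQUE = 3      # assumed threshold: distinct encoded names per client and domain

# Constructed sample log, one query per line: "<client> <qname> <qtype>"
SAMPLE_LOG = """\
10.0.0.5 www.corp.example A
10.0.0.5 mail.corp.example A
10.0.0.5 intranet.corp.example A
10.0.0.7 x7k2m9q4w6zb5nc8vd3fhj2t.cdn.example A
10.0.0.9 mz4xk2ytbo7gq3ndc5sjfhaew6rlpuiv.tunnel.example TXT
10.0.0.9 q7hd2wvn5ktz3bfy6cjrx4gmaeoispul.tunnel.example TXT
10.0.0.9 c3xj6pfa2yhn7bgt4kdwq5mzervsuoil.tunnel.example TXT
10.0.0.9 mz4xk2ytbo7gq3ndc5sjfhaew6rlpuiv.tunnel.example TXT
"""

def entropy(s):
    """Shannon entropy of s in bits per character."""
    counts = Counter(s)
    return -sum(n / len(s) * math.log2(n / len(s)) for n in counts.values())

def split_name(qname):
    """Return (subdomain, registered domain); assumes the last two labels
    are the registered domain (a real deployment needs a public suffix list)."""
    labels = qname.lower().rstrip(".").split(".")
    return "".join(labels[:-2]), ".".join(labels[-2:])

def looks_encoded(subdomain):
    """True when the subdomain is long and random-looking enough to carry data."""
    return len(subdomain) >= MIN_LEN and entropy(subdomain) >= MIN_ENTROPY

def find_tunnel_suspects(log_text):
    """Map (client, domain) -> count of distinct encoded-looking subdomains,
    keeping only pairs that reach MIN_UNIQUE."""
    seen = defaultdict(set)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # skip malformed lines
        client, qname, _qtype = parts
        sub, domain = split_name(qname)
        if sub and looks_encoded(sub):
            seen[(client, domain)].add(sub)
    return {k: len(v) for k, v in seen.items() if len(v) >= MIN_UNIQUE}

if __name__ == "__main__":
    for (client, domain), n in find_tunnel_suspects(SAMPLE_LOG).items():
        print(f"{client} -> {domain}: {n} distinct encoded-looking names")
```

The single hashed hostname under cdn.example is not flagged, because one random-looking name on its own is normal; only the repeated pattern from one client to one domain is reported.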
Another of the most headache-inducing attacks is the DNS zero-day attack: 19% of companies have reported falling victim to this type of attack. Here, the attacker takes advantage of a security flaw in the DNS protocol or in the server software on the same day that the vulnerability comes to light. With a query crafted in advance and sent to the server, the attacker can block the system and inflict damage on the victim company.
How can you prevent a DNS attack?
The economic impact of a DNS attack is too high to ignore. On average, DNS attacks cost companies 2.23 million dollars annually. An insecure DNS system is in itself an invitation for attackers to access your company's data and inflict downtime on your services. That's why it is vital to take into account the growing prevalence of these attacks and implement the appropriate security measures and solutions.
Here are three tips from Panda Security to combat DNS attacks:
- Update, update, update. This prevents attackers from taking advantage of vulnerabilities in software or operating systems. It is a measure that requires little effort and can end up saving you and your company a lot of stress.
- Implement a complete detection system, such as a perimeter firewall that prevents connections between the corporate network and the internet unless they comply with company policy.
- Incorporate advanced cybersecurity solutions that centrally protect all workstations and servers with advanced prevention, detection and remediation capabilities.