UK Public and Education Sector Organisations Face Major DNS Threats and Rising Costs of Security Breaches, Global Survey Finds
One in five (19%) of public sector sites and 11% of education bodies affected by DNS attacks say sensitive information was stolen
New research from EfficientIP reveals DNS-based attacks cost global organisations an average of over £1.7m ($2.2m) in 2016 alone
London, UK, 12 September 2017 – UK councils, schools and government offices were among global public sector and education organisations hit badly by DNS attacks last year – with nearly half reporting dealing with the issue cost them hundreds of thousands of pounds. One example is the UK education network (Janet) which suffered a DDoS attack in April 2016, resulting in students and teachers in the UK being unable to connect to the apps offered by their university for almost 48 hours.
One in five (19%) of public sector sites and 11% of education bodies affected by DNS attacks say sensitive information was stolen, compared to 16% in the UK overall. A fifth (20%) of public sector and 12% of educational victims also think intellectual property data was lost compared to 15% for UK organisations overall, while 10% of schools and colleges affected say they needed to take more than one day to recover.
This is in the context of yearly average costs of DNS security breaches to be now running at £1.7m ($2.2m) for organisations globally, with malware (35%), DDoS (32%), Cache Poisoning (23%), DNS Tunnelling (22%) and Zero-Day Exploits (19%) as the main threats.
The disturbing findings come from the 2017 Global DNS Threat Survey Report from EfficientIP, a leading provider of network services. According to the report, 76% of all respondents were subjected to at least one DNS attack in last 12 months, with 28% suffering data theft.
EfficientIP’s CEO, David Williamson, also points out that the imminent (May 2018) arrival of the General Data Protection Regulation (GDPR) should sound loud alarm bells for CIOs and CISOs working in the sectors. “In less than a year, GDPR will come into effect, so organisations really need to start rethinking their security in order to manage today’s threats and save their businesses,” he added.
The Survey examines the technical and behavioural causes for the rise in DNS threats and their potential impacts on businesses across the world. Major issues identified include:
Lack of awareness as to the variety of attacks
Of all sectors, global education organisations demonstrated the poorest awareness of the top 5 DNS-based attacks with 40% of them being aware of DNS Tunnelling, 39% of DNS-based Malware, 34% of DDoS, 29% of Cache Poisoning and 19% of Zero-Day Exploits.
Public sector’s awareness was better but still not good enough with only 48% of organisations aware of DNS-based Malware, 37% of Cache Poisoning, 36% of DDoS, 35% of DNS Tunnelling and 23% of Zero-Day Exploits.
Failure to adapt security solutions to protect DNS
It’s no wonder why over a third (35%) of public sector organisations and a quarter (25%) of education organisations have been subjected to DNS-based Malware, DDoS (31% and 22%), Cache Poisoning (26% and 24%), DNS Tunnelling (20% and 19%) and Zero-Day attacks (19% and 13%) in the past year.
49% of education sector DNS victims also stated the size of the DDoS attack they faced was between 1Gbits/sec and 5Gbits/sec and almost a third (30%) between 5Gbits/sec and 10Gbits/sec.
Although 59% of public sector organisations and 57% of education organisations have a hosted/cloud DNS Appliance base, 36% and 35% respectively suffered cloud service downtime in the last 12 months.
In terms of damage cost, 47% of public sector organisations revealed the final bill was between £77,000 and £231,000 ($100,000 to $300,000) – but 15% said the cost was between £385,000 and £770,000 ($500,000 to $1,000,000).
Poor responses to vulnerability notifications
When it comes to mitigation, 30% of public sector organisations had to close down specific processes, resulting in what attackers intended to do, but the majority (36%) responded by applying an immediate patch to fix the affected processes.
42% of public sector organisations also needed almost a full business day (six hours) to restore their systems (35% took the same time in education).
In 2016, 72% of public sector organisations only applied between four to ten patches (out of 11 critical security patches that were released in the same time). This number was even higher in education, at 89%.
“The results once again highlight that despite the evolving threat landscape and the increase in cyber-attacks, organisations across the globe and their IT departments still don’t fully appreciate the consequences of DNS-based attacks,” added David Williamson.
Recommendations
The following steps can be taken by organisations to ensure continuity of service and data protection for themselves, their users and clients:
Replace ineffectual firewalls and load balancers with purpose-built DNS security technology
Keep their DNS security up to date by patching DNS servers more often
Enhance their threat visibility by using deep DNS transaction analysis
The 2017 Global DNS Threat Survey report
The report was conducted by Coleman Parkes from February to March 2017, with results coming from interviews with 1,000 respondents in three global regions (APAC, Europe and North America). Respondents included CISOs, CIOs, CTOs, IT Managers, Security Managers and Network Managers.
Public sector and education organisations comprised a total of 15% of the entire survey base, with 10% of all 1,000 organisations UK-headquartered. 19 of the total in the two categories were between 10,000 and 50,000 employees.
To read the full report, please visit: http://www.efficientip.com/resources/white-paper-dns-securit...
About EfficientIP
As one of the world’s fastest growing DDI vendors, EfficientIP helps organisations drive business efficiency through agile, secure and reliable network infrastructures. Its unified management framework for DNS-DHCP-IPAM (DDI) and network configurations ensures end-to-end visibility, consistency control and advanced automation. Additionally, its unique 360° DNS security solution protects data confidentiality and application access from anywhere at any time. Companies rely on EfficientIP to help control the risks and reduce the complexity of challenges they face with modern key IT initiatives such as cloud applications, virtualization, and mobility.
Institutions across a variety of industries and government sectors worldwide depend on its offerings to assure business continuity, reduce operating costs and increase the management efficiency of their network and security teams. For further information, please visit: www.efficientip.com
PRESS CONTACT:
Ed Stevenson
Positive Marketing
0203 637 0648
efficientip@positivemarketing.com