A recent survey shows that 88% of financial services organizations experienced DNS attacks in the past 12 months.

In its 2019 Global DNS Threat Report, EfficientIP, a specialist in DNS security for service continuity, user protection and data confidentiality, revealed that the financial services sector is the most targeted industry, with 88% of financial services respondents experiencing under-the-radar DNS attacks in the past year.

Covering 900 respondents from nine countries across North America, Europe and Asia, the report found financial services organizations experienced an average of 10 attacks a year, a 37% increase from last year. In addition, 47% of financial services organizations were subject to DNS-based phishing scams.

Last year, a single DNS attack cost each financial services organization US$924,390. This year the research shows that each organizations on average spent US$1,304,790 to restore services after each DNS attack, the most out of any sector, and an eye-watering increase of 40%.

Rising costs is only one of the consequences DNS attacks caused for the financial services sector, the survey showed. The most common impacts included cloud service downtime, experienced by 45% of financial organizations, and in-house application downtime (68%).

While 65% of financial organizations are either already using or planning to incorporate zero trust architecture, they still appear to be behind the curve when it comes to making use of DNS analytics for enhancing overall network security. Just over 67% perform no DNS traffic analysis for their internal threat intelligence program, and 43% have adopted very little or no automation at all in their network security policy management. This still leaves the financial services sector vulnerable to DNS attacks, which appear to be on the rise.

On the positive side, financial services organisations in the report do see real value in using machine learning to bring predictive security into their capabilities. About 90% of respondents see this as particularly useful for detecting unknown (“zero-day”) malicious domains.

Nick Itta, Vice President of Sales, APAC, EfficientIP, commented: “Financial services and banking organizations hold a wealth of customer information, and are lucrative targets for cyber attacks. Keeping data safe is essential to maintaining their reputation. Ensuring visibility over DNS traffic, real-time awareness and the ability to take prompt action on any suspicious activity will bring much-needed hygiene and protect servers from such reputation-damaging attacks”.

He added: “Performing a real-time DNS transactions analysis and automate their network security policy management should be mandatory steps towards their network’s full safety”.