They also take over seven hours to mitigate attacks, exposing sensitive national data to vulnerability in that critical period.
Government organizations were hit by the highest number of DNS attacks per year, according to the IDC 2019 Global DNS Threat Report. Government suffers an average of 12 DNS attacks per year, with each attack costing an average of US$558,000, amounting to US$6.7 million annually.
The report revealed that over half (51%) of government organizations suffered in-house application downtime as a result of DNS attacks in the last 12 months, rendering potentially vital services inaccessible, while 43% faced cloud service downtime. Another 41% of organizations were impacted by compromised websites, putting data at risk. Almost one in five (19%) government respondents also reported sensitive information or intellectual property being stolen via DNS, by far the highest among all industries.
The typical DNS attack takes over seven hours for government organizations to mitigate, leaving the door wide open to a huge potential loss of sensitive personal and financial data. Also, 51% of government respondents admitted to shutting down a server to stop an attack in progress, indicating that the countermeasures in place are not adapted to ensure service continuity.
Despite the risk, one-third (32%) of government respondents do not recognize the critical nature of DNS to operations, stating DNS security is only low or moderately important. Furthermore, one third (32%) of government sector respondents do not perform analytics on DNS traffic, suggesting respondents are potentially unaware of how DNS downtime deprives users from accessing essential applications or government services.
David Williamson, CEO of EfficientIP, which commissioned the study, commented on the report’s findings: “With an increasing number of government services moving online, hackers have more points of attack to exploit than ever before. When 91% of malware uses DNS, analysis of DNS transactions is vital for uncovering these dangerous threats hidden in network traffic. In particular, the detection of data exfiltration via DNS requires visibility and analytics on transactions from the client to the destination domain.”
Nick Itta, Vice President of Sales, Asia Pacific at EfficientIP, said: “As governments in the Asia Pacific expand digital adoption and accelerate their pace in digitization, we have at the same time witnessed disastrous impacts of cyberattacks in the region. In many of these cases, DNS, as left unprotected, is often used as a vector of these attacks. While applaudable that stronger cybersecurity laws have been implemented, there is a need to focus on improving DNS’ resilience and implement stricter cybersecurity safeguards, including DNS security solutions. This comes with the building of ASEAN as a smarter, more intelligent networks, and contributing to the public’s trust in their government.”
Despite this, the latest research shows governments are significantly more exposed than other sectors to DNS attacks. This is volatile when governments are trusted with sensitive information by their citizens, so they need to understand the potential risks to protect both themselves and the public.
Government administrations tied with healthcare sectors in stating that they put the least importance on Machine Learning (ML) for detecting unknown malicious domains or Domain Generation Algorithms (DGAs). Government administrations also has the lowest rate of adoption for the Zero Trust cybersecurity approach of any sector surveyed.