They experienced an average of 11.4 attacks compared to 9.5 in other industries,according to a DNS security firm’s research

The ‘telecommunications and media sector’ was the most frequent victim of DNS attacks in 2019, during which organizations in the sector experienced an average of 11.4 attacks last year, compared to 9.5 attacks across other industries.

According to the IDC 2020 Global DNS Threat Report, more than 83% of service provider organizations experienced a DNS attack, well above the overall average of 79%. A successful attack on telco providers can have especially far-reaching consequences because outages may affect customers relying on 24/7 availability of networks.

The research, commissioned by EfficientIP and conducted from Jan to Apr 2020, was based on 900 respondents (CISOs, CIOs, CTOs, IT managers, security and network managers) in North America, Europe and the Asia Pacific region.

More study findings
As well as a high attack frequency, telcos also tended to experience costlier attacks, with over 8% of organizations stating that they had suffered damages of over US$5 million as a result of a DNS attack.

Successful DNS attacks commonly resulted in in-house application downtime, experienced by 60% of respondents. In previous outages, service disruptions had resulted in both severe brand damage and customer churn. In this report, 25% of providers experienced brand damage while almost 31% reported a loss of business.

Lastly, for 18% of telcos, DNS attacks resulted in the theft of sensitive customer info. This is especially concerning since a large amount of customer information is at the mercy of networks that are expected to perform at the highest levels.

While a large share of respondents had implemented comparatively blunt countermeasures to mitigate attacks—with 60% of organizations shutting down affected processes and connections, and 55% disabling applications—effective solutions and strategies are starting to be implemented.

This included Zero Trust strategies which 75% of companies were either planning, piloting or already running. Other improvements included automation of security management policies (currently adopted by 59% of telcos surveyed) and passing of valuable DNS event information to Security Information and Event Management and Security Operations Centers for helping to simplify threat detection and accelerate remediation.

Adding 5G to the landscape
Considering the high frequency of attacks, telcos and related service providers are increasingly acknowledging the important role DNS security plays in maintaining service continuity: 77% of organizations saw DNS security as integral for their business.

According to EfficientIP’s VP of Strategy, Business Development and Marketing, Ronan David: “Telcos rely more than ever on a stable network availability and the high capacity needed to serve customer’s requests as quickly as possible. A successful DNS attack can have far reaching consequences; not just for the affected provider but also for its customers experiencing disruptions and outages. An effective DNS security architecture is key to fend off attacks and avoid downtimes.” 

The firm’s Vice President for APAC Nick Itta added: “In Asia, DNS plays a very important role as 5G takes off in the region and turns its attention to adopting the technology with the appropriate infrastructure. This is especially so as threats develop at the same pace, if not outpace, technological developments. DNS is central to ensuring that 5G services will be available to users.”

With 5G rollouts starting to accelerate, the report advises telcos to prioritize DNS security as part of their overall security architecture. Next to Zero Trust strategies, companies can also augment their threat visibility using real-time, context-aware DNS transaction analytics for behavioral threat detection and regulatory compliance.