The Daily Swig Web security digest

Study highlights ongoing DNS security failings

James Walker | 04 October 2017 at 10:00

One year on from the Dyn attack that knocked dozens of major sites offline, a new study finds DNS security is still being overlooked.

DNS security is often overlooked when it comes to cybersecurity strategy, with most companies inadequately prepared to defend against attacks on their domain naming systems, a new study indicates.

After surveying 1,000 security and IT professionals worldwide, Dimensional Research, on behalf of network intelligence firm Infoblox, found that 86% of DNS solutions failed to draw attention to an ongoing attack, and nearly one-third of professionals doubted their company could defend against the next domain-based attack.

The results come in advance of the one-year anniversary of the DDoS attack on DNS provider Dyn last October, which knocked dozens of major sites offline including Netflix, Airbnb, Amazon, CNN, New York Times, and Twitter.

Despite this wake-up call, the survey indicates that just 11% of companies have dedicated security teams managing DNS.

“While we found that DNS security is one of IT and security professionals’ top three concerns, the vast majority of companies are ill-equipped to defend against DNS attacks,” said David Gehringer, principal at Dimensional Research.

“This is exacerbated by the fact that companies are extremely reactionary when it comes to DNS security, only prioritizing DNS defense once they have been attacked.”

Gehringer added: “Unless today’s organizations begin moving to a proactive approach, DDoS attacks such as the one on DNS provider Dyn will become more pervasive.”