Indian firms pay hackers nearly Rs 6 crore per DNS attack: Report
India organisations paid at least Rs 6 crore ($784,000) per DNS attack in India as the country saw the highest number of such attacks at 12.13 per organisation this year, a new report said on Tuesday.
Nearly 27 per cent of companies in India had sensitive customer information stolen, compared to 16 per cent globally. Cloud service downtime, as a result of attacks, reached 65 per cent in the country.
The costs of attacks in India, however, decreased by 6.08 per cent, from about $835,000 to $784,000 this year – slightly higher decrease in costs compared to the entire Asia region, which saw a decrease of 2.62 per cent from $814,000 to $792,000, according the ‘2020 Global DNS Threat Report’ by EfficientIP, a specialist in DNS security for service continuity, user protection and data confidentiality, along with the International Data Corporation (IDC).
“In this era of key IT initiatives like IoT, Edge, SD-WAN and 5G, DNS should play a much larger role in the security ecosystem,” said Ronan David, VP of Strategy for EfficientIP.
“The COVID-19 pandemic has exacerbated the need to shore up DNS defenses, when any network or app downtime has major business implications,” David added.
Poor brand image is also of major concern as India surpassed the global average of 29 per cent, with 44 per cent of companies surveyed in India suffering brand damage due to DNS attacks.
A DNS attack is an exploit in which an attacker takes advantage of vulnerabilities in the domain name system (DNS). DNS is a protocol that translates a user-friendly domain name into the computer-friendly IP address.
“Recognition of DNS security criticality has increased to 77 per cent as most organizations are now impacted by a DNS attack or vulnerability of some sort on a regular basis,” said Romain Fouchereau, Research Manager European Security at IDC.
“The consequences of such attacks can be very damaging financially, but also have a direct impact on the ability to conduct business. Ensuring DNS service availability and integrity must become a priority for any organization,” he added.
Globally, nearly four out of five organizations (79 per cent) experienced DNS attacks, with the average cost of each attack hovering around $924,000.
The organizations across all industries suffered an average 9.5 attacks this year.
“The figures illustrate the pivotal role of the DNS for network security, as threat actors make use of DNS’ dual capacity as either a threat vector or a direct objective,” said the report.
The report found that the number of businesses that suffered from cloud service downtime increased from 41 per cent in 2019 to 50 per cent in 2020, a sharp growth of nearly 22 per cent.
According to the report, currently 25 per cent of companies perform no analytics on their DNS traffic (compared to 30 per cent last year).