Increased DNS Attacks Depleting Finance Companies Millions

Since 2018, the cost of a single Doman Name System (DNS) attack has gone up by over 40% to more than $1.3 million as shown by a new study. In the survey, hundreds of senior professionals in the technology sector, from IT managers, CISOs to CIOs were studied and it was found out that the attacks have been disruptive and worryingly so. Of the surveyed, 88% of all financial companies had gone through a DNS attack within one year with most affected over 10 times on average within that period.

The web phone book

DNS is critical in domain name conversion into IP addresses which has seen it become the web’s phone book. It’s what hackers have been misusing, mostly in two main ways. DNS has been exploited first through the submission of copycat websites to unsuspecting victims where their data is harvested through phishing attacks. The other way is through the disruption of companies where their websites or apps are illegally accessed causing downtime. For connection to be reverted, hackers have in recent times started demanding ransom.

The EfficientIP-commissioned study also found out that within the last 12 months financial organizations targeted in DNS related phishing cases stood at 47%. 45% of them went through sever cloud downtime and another 68% went through in-house downtime on apps.

Diverse reasons for increase in attacks

As companies release customer-facing solutions, particularly apps which are DNS reachable, the attacks have gone up across diverse user services. Also, a reason for the rise in DNS-based attacks has been attributed to the awareness of threats the registry poses with IT professionals expected to know that it’s the main source of the attacks.

At the same time, the cost of an average DNS attack suffered by financial companies was a bit higher in recent times. As the gate-keepers of money for all types of customers offering all types of services needed day or night by users, financial companies have been operating very predictable networks. They’ve become the main target of most hacking and DNS attacks.

Info disclosures of attacks and NIS Directive

In the UK, the FCA (Financial Conduct Authority) compelled banks to information disclosures of related online security and operation incidents affecting them, particularly after a huge IT meltdown caused by an attack on TSB that has since seen the cost rise to over $400 million.

European regulations have continually insisted on the need to strengthen critical infrastructure from attacks with IT outages now resulting in various fines courtesy of a NIS Directive in the UK. Companies could be fined up to about $20 million according to the power given by the NIS Directive, although FCA could raise the fines further in an attempt to ensure DNS attacks and other cases of insecurity meted on critical financial infrastructure doesn’t take place due to negligence and inferior safeguards.

At the RSA Conference of 2019, SANS Institute noted that there were five most dangerous DNS attack methods that have been gaining track in 2019. These include DNS manipulation, domain fronting, DNS traffic capture, attacks via CPU flaws such as BMCs (baseboard management controllers) for persistent access and personalized cloud attacks on individuals.