Europe Opens Up Its Wallet for DNS Attack Cost

2019 marks another year of hikes in the DNS attacks experienced by organizations, as well as the cost of them. Hackers are also changing up the tactics they use to break into their favorite company websites. European organizations might have a number of options for protecting themselves in the future, zero trust among them, but will it be enough to stop those tooled up and scrappy hackers?

More attacks, but some more popular than others

Four in five, 82% of global businesses suffered a DNS attack last year, and DNS attack numbers are now in the double digits for many. European organizations average ten attacks per year. French businesses ‘luckily’ only experience eight whereas British equivalents suffer most heavily, forced to face 13 attacks per year.

With attack numbers soaring, this year’s attackers choose phishing as the most popular method of attack with 48% of organizations experiencing such an attack and compared with one in three respondents, 32%, facing a DDoS attack on their organization. The impacts of attacks can be devastating, creating urgent financial and reputational issues as well as technical ones. Would a zero trust security approach have been able to mitigate these?

Buyers numb to attack impacts

Thanks to DNS-based attacks slipping through defenses, 2018 was the year of application downtime, perhaps due to not using threat intelligence on enterprise network traffic. 63% of businesses globally experienced this issue and the same pattern plays out in Europe. 58% of UK respondents and 63% of Spanish organizations surveyed had to rectify this issue. One in two businesses across Europe, 47%, have also had their websites compromised and 26% lost business, perhaps as a direct result. This also brings the potential of NISD non-compliance and the fines that come with it. However, the overall data theft numbers are lower than last year, at 10% in Europe, defying the global average of 13%.

With attack methods varying, European organizations are paying the price this year for failing to protect against DNS attacks and the expensive issues they create. While the average cost of an attack now stands at €950,000 globally, Europeans are hit harder than most, and face an eye-watering bill of €1.06M, €90,000 more than their American counterparts and almost €300,000 above what Asian organizations part with. In particular, British businesses have seen the largest year-on-year rise in average attack cost at 108%, double that of their European neighbors.

Protecting the future

To protect against future attacks and avoid costs, companies are leveraging DNS for their overall security strategy, taking advantage of the threat intelligence, policy control and network automation it allows. European businesses are turning to a number of solutions and the zero trust approach in particular is gaining popularity. This typically involves a reduction in employee privileges and micro-segmentation of the corporate network with DNS security fueling the threat intelligence and automation key to this. Overall, securing endpoints is the primary solution for protecting data confidentiality with 35% opting for this solve to keep attackers from getting into their network. 30% are also aiming for greater DNS traffic analysis to identify and freeze attacks as soon as they’re in, stopping any movement into critical areas.

Due to its effectiveness, it is particularly positive that research shows exactly one in two European businesses, 50%, are planning to adopt a zero trust approach to their enterprise network security. The UK is either the least ambitious or already more heavily involved with 44% of those surveyed planning to adopt zero trust compared to France, Germany and Spain which all have at least 50% commitment, rising to 54% in France.

The cost is high for any business that experienced a DNS attack in 2018, higher than ever before. However, work is clearly underway to deploy the next-generation network security ecosystem, and the real-time threat intelligence provided by DNS will go a long way to help security operation centers speed up detection and remediation.