Security Watch | Matt Hines » DNS attacks hitting home

July 17, 2007 | Comments: (0)

DNS attacks hitting home

TAGS: Security

Attacks on domain name servers remain a serious headache for many organizations, with related denial-of-service threats on the rise, according to a newly published research report.

Based on a survey of approximately 465 IT admins carried out by Mazerov Research & Consulting -- and being promoted by anti-malware applications vendor Secure64 -- almost half (44 percent) of all respondents admitted that their companies have recently experienced either a pharming or cache poisoning attack, with one-third (33 percent) reporting denial-of-service assaults.

According to the report, which was published on July 17, both external and internal DNS servers remain equally under attack, with the recent incidents experienced among the respondents split almost evenly between the two types of server platforms.

In a nod to the importance of DNS systems, Mazerov found that just over half (54 percent) of all respondents said that their organizations are either 'totally or extremely dependent' on uninterrupted Internet connectivity to do business. An additional 26 percent of respondents said they were "very dependent" on full time access to the Web.

"Growing business dependence on Internet connectivity is the very vulnerability that allows malware to attack DNS," Mazerov researchers said in a report summary.

Another problem revolving around the DNS attack issue is that many companies rely on the servers to help ward-off malware and DoS attacks, including root kits and the like, the researchers said.

Some 54 percent of respondents said that their companies depend on DNS filters to prevent rootkits and other viruses, with 52 percent using the systems to retain availability during DoS campaigns.

When questioned as to how long their organizations could withstand having their DNS servers taken offline, some 74 percent said that such an attack would lead to a direct loss of productivity within their operations, with 54 percent admitting that they would not be able to conduct even basic business functions.

Some 40 percent of hose surveyed said that withstanding serious DNS attacks would lead to the loss of "significant revenue." Another 39 percent said they would expect related damage to their corporate brands and images if their sites are taken down.

When asked what the most catastrophic problem their organizations might experience in the event of a major Internet disruption, 37 percent indicated that they most feared losing e-mail services, while 47 percent said that the disruption of other Web-dependent services such as e-commerce, VoIP and customer support applications would hurt the most.

However, only 17 percent of respondents indicated that a failure of their DNS would be their worst nightmare.

That result puzzled the researchers and led them to conclude that many people fail to grasp the gravity of DNS threats.

"IT professionals are clearly facing a Sisyphean task when it comes to keeping their DNS secure," Bob Mazerov, founder and principal of the research company bearing his name, said in a synopsis of the report.

"What's particularly interesting is that most respondents perceived the loss of e-mail and other Web services as being a bigger problem than the loss of DNS," he said. "This suggests an enduring lack of focus, attention and awareness among IT and business professionals regarding the important and primary role DNS plays within the infrastructure of today's Internet-dependent enterprise."

Posted by Matt Hines on July 17, 2007 01:06 PM

RATE THIS ARTICLE: