According to a report commissioned by security vendor EfficientIP, the telecommunications industry is among the worst in regards to responding to DNS attacks.
The research report found that 43% of the telco organizations suffered from DNS-based malware over the past 12 months, and 81% took three days or more to fix the problem after being notified.
According to this year's "2018 Global DNS Threat" report, telcos were taking too long in responding to the attacks with an average of three employees spending more than 17 hours per attack.
Due to how time-intensive the mitigation process can be, the average cost per DNS attack is rising for the telco sector. Last year, a single DNS attack cost a telco organization $622,100. This year, the research shows telcos lose an average of $886,560 from each DNS attack, which was an increase of 42% over the past year.
“Telco organizations attract complex, sophisticated cyberattacks as they hold sensitive customer data, and are also critical for providing unified communication services to businesses," said EfficientIP CEO David Williamson, in a prepared statement. "With a large part of their customer base operating online, strong network security has become a business necessity for the entire telco sector in general. Ensuring consistency and reliability in service is a crucial step towards providing elevated customer satisfaction.”
The report also found that cyberattacks tarnished telcos' reputations due to the service issues they create. During an attack, 45% had to shut down the specific affected process and connections while 38% suffered from cloud service downtime.
Thirty percent of the telcos reported that sensitive customer information was stolen due to an attack while 33% said they had compromised websites. The report also found 31% of the respondents suffered from in-house application downtimes.
Philadelphia-based EfficientIP provides security for Netflix, eBay, Hewlett Packard, STMicroelectronics, Orange, Vodafone and the London Stock Exchange, among other customers, while also working to protect hospitals and stadiums.
RELATED: CenturyLink's Threat Research Labs blocks one-two punch of botnet
EfficientIP recommended five best practices for the telecommunications industry:
- Simplify DNS architectures by replacing intermediary security layers with an adapted DNS security solution. EfficientIP said this helps guarantee the availability of a service.
- Augment threat visibility by using real-time, context-aware DNS transaction analytics for behavioral threat detection. Businesses can detect all threat types, and prevent data theft to help meet regulatory compliance such as Europe's GDPR and the U.S. CLOUD Act (Clarifying Lawful Overseas Use of Data Act.)
- Telcos should apply adaptive countermeasures that are relevant to the threats, which helps ensure business continuity even when the attack source is unidentifiable. It also cuts down on the risk of blocking legitimate users.
- Decentralize the DNS architecture to help cope with the heavy growth of traffic. In addition to enhancing the user experience, placing purpose-built, high-performance DNS servers in points of presence (POPs) improves security against DDoS attacks.
- Telcos should incorporate DNS into a global network security platform to identify unusual or malicious activity and inform the broader security ecosystem of the threats. This allows holistic network security to address growing network risks while protecting against the lateral movement of threats.
The report was conducted by Coleman Parkes from January to April. The results are based on 1,000 respondents in three regions: North America, Europe and Asia Pacific. The respondents included CISOs, CIOs, CTOs, IT managers, security managers and network managers. A total of 96 telco organizations were interviewed across nine countries for the survey.