DNS Security Problems Widespread and Poorly Understood: Study - InformationWeek
IoT
IoT
News
News
7/17/2007
06:22 PM
Connect Directly
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%
RELATED EVENTS
[Dark Reading Crash Course] Finding & Fixing Application Security Vulnerabilitie
Sep 14, 2017
Hear from a top applications security expert as he discusses key practices for scanning and securi ...Read More>>

DNS Security Problems Widespread and Poorly Understood: Study

Respondents attributed the DNS security problems to malware, denial-of-service attacks, cache poisoning, and pharming.

Nearly half of IT and business professionals surveyed by Mazerov Research reported a security compromise of their Domain Name System servers, despite spending money on overlapping security products.

The independent study of 465 people, conducted on behalf of Secure64, found that "[n]early half (45%) of the participants had experienced a compromise of either their internal, external or caching DNS servers."

Sixty-eight percent of respondents attributed their DNS security problems to malware. Forty-eight percent cited denial of service attacks. Thirty-six percent pointed to cache poisoning (injecting false information into DNS caches). Twenty-three percent indicated pharming (redirecting document requests from one Web site to another).

"Perhaps the most ironic aspect of this part of the survey is that DNS is a misunderstood part of the IT infrastructure," the survey states. "While 37% indicated that the loss of e-mail and 13% indicated that the loss of access to the Web would be the most catastrophic, the fact is that with the loss of DNS, all of these services would be largely unreachable. This indicates a clear misunderstanding of the role of DNS protection among the IT community, even among high-level IT management."

Given the expected impact that a loss of Internet connectivity would have on their businesses " 40% predicted significant revenue loss, 39% predicted brand damage, 30% predicted customer loss, and 12% predicted going out of business " there's a good argument for investing in DNS protection, or at least understanding the implications of a DNS failure.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
2017 State of IT Report
In today's technology-driven world, "innovation" has become a basic expectation. IT leaders are tasked with making technical magic, improving customer experience, and boosting the bottom line -- yet often without any increase to the IT budget. How are organizations striking the balance between new initiatives and cost control? Download our report to learn about the biggest challenges and how savvy IT executives are overcoming them.
Video
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll