sb-nz logo
Story image

Education sector most at risk of DNS attacks - with a steep cost

28 Oct 2020

IDC & EfficientIP’s 2020 Global DNS Threat Report indicates that the overall cost of a DNS attack is a staggering US$867,000, and the education sector is most likely to feel the brunt.

The report, which is based on responses from 900 IT professionals in Asia Pacific, Europe, and North America, found that 84% of education organisations surveyed have been hit by DNS attacks, with each suffering an average of eight attacks.

Respondents from education firms state that they are also plagued by distributed denial of service (DDoS) attacks (44% of respondents), while phishing attacks continue to be a problem for 52% of firms.

The education sector is more susceptible to certain DNS attacks - for example, the sector has been hit by more attacks based on zero-day vulnerabilities than the average of all sectors. 

“The damage cost from DNS attacks on schools can be very high,” says EfficientIP vice president of strategy Ronan David.

“A successful DNS attack can result in anything from significant financial losses for universities to reputational damage to network disruption. Not only that, stolen information—like addresses and other confidential data of students and staff—can be sold to a third party or held for ransom.”

The education sector is also vulnerable to data theft, in-house application downtime, and it reported the most instances of compromised websites.

According to the report, 56% of education organisations temporarily shut down specific affected processes and connections, and 70% disable some or all of the affected applications. Further, 44% of respondents are likely to shut down a server or service in the event of an attack.  On average, it takes educational institutions 5.5 hours to mitigate an attack.

What do criminals have to gain from DNS attacks? The report suggests that espionage and intellectual property theft could shed some light - particularly when analysing research facilities that develop innovations in the computer, medical, or natural science fields.

IT decision-makers in the education sector use a variety of methods to protect themselves from DNS attacks. They include: 

  • Automation of network security policy management (48%)
  • DNS traffic monitoring and analysis (38%) 
  • Securing network endpoints (32%)
  • A zero-trust approach (24%)
  • Adding new firewalls (20%) 

“DNS sees virtually all IP traffic, so is ideally placed to be your first line of defence. Analysis of DNS traffic can greatly help detection and mitigation of threats. DNS traffic inspection can also catch data exfiltration attempts, which traditional security components such as firewalls are unable to detect,” concludes David.

Story image
Digital transformation and cloud security top of mind for enterprise
In the era of the coronavirus pandemic, digital transformation and cloud security are the chart-topping topics enterprises want to know more about.More
Story image
Secure Code Warrior launches offering to help developers adopt a security mindset
Secure Code Warrior, the secure coding company, has launched a new educational offering that simulates realistic situations to help developers extend their coding skills and preparedness.More
Story image
Video: 10 Minute IT Jams - Bitglass director on all things SASE
This is our second IT Jam with both Bitglass and Jonathan Andresen, who is the company's senior director of marketing. In this video, Jonathan discusses all things related to Secure Access Service Edge (SASE): its advantages over traditional security tech, what enterprises should look for, and how SASE relates to cloud-delivered secure web gateways.More
Story image
DDoS campaigns, BEC scams & Emotet: CERT NZ reports top security threats
It has been yet another tumultuous quarter for New Zealanders and their wallets, with almost $6.4 million in reported financial losses due to cybersecurity incidents.More
Story image
Forescout expands integrations with partner solutions
Expanded partnerships and integrations with Splunk, CrowdStrike and CyberArk allow for better IT and OT security posture for joint customers.More
Story image
Trend Micro integrates with AWS Gateway Load Balancer for improved security function
Cloud security firm Trend Micro has announced its hybrid cloud security integration with the newly launched AWS Gateway Load Balancer.More