DNS Attacks are Widespread & Catastrophic

Attacks that are targeted on DNS (Domain Name Servers) are a serious problem for organizations. With this, the associated DoS (denial of service) threats are also increasing, says Mazerov Research and Consulting in its research report published on July 17, 2007.

The growing reliance of organizations on Web activities makes them vulnerable to malware attacks on DNS, said Mazerov researchers in their report. Infoworld reported this on July 17, 2007.

The research group conducted a survey involving 465 participants at the request of Secure64, a vendor for anti-malware applications. The study revealed that about 45% of respondents had suffered a hack on either their internal, external or caching DNS servers.

The DNS security breaches were attributed to different reasons. 68% of those surveyed attributed it to malware; 48% related the problem to DoS attacksl; 36% said that adding untrue information to the DNS caches, called cache poisoning, caused the security problems. 23% pointed to pharming as the real cause.

Interestingly, the study analysis called it an irony that DNS is wrongly taken as a component of the existing IT infrastructure. While 37% of respondents said that e-mail loss was most disastrous, 13% thought failure to reach the Web was the main calamity. But the truth is that the failure of DNS would make all these services inaccessible. This represents a total misunderstanding of the part that DNS protection plays for the IT community, including the IT management at higher levels. InformationWeek reported this on July 18, 2007.

Another problem relating to the issue of DNS assault is that many organizations expect servers to block malware and prevent DoS attacks, even the rootkits, said the researchers. About 54% of the participants relied on DNS filtering systems to block viruses and rootkits of which, 52% depended on the systems to regain availability in instances of DoS campaigns.

The researchers also tried to find out how long the organizations could withstand if DNS servers were shut down. 74% of those surveyed said the situation would affect productivity directly while 40% said it would mean significant decline in revenue.

Related article: DNS Servers Not Free of Vulnerability

» SPAMfighter News - 7/30/2007