The fight against DNS attacks continues

The fight against DNS attacks continues It appears that despite massive ongoing efforts and the deployment of a vast and complex range of measures many companies are still struggling to defend their Domain Name System servers from malware attacks. It seems the steady rise in phishing attacks (there was a 26% rise in the first part of 2005) allied to ever more sophisticated scams like pharming attacks continue to cause real problems for the world of network security and expose DNS insecurities.

According to a recent survey of IT and business professionals by Mazerov Research and Consulting more than half claimed to have suffered a malware attack of some sort, just less than half reported pharming or cache poisoning and a third had experienced a Denial of service attack. In fact amongst all the respondents a mere 16 % claimed never to have experienced a malware attack of some sort. Indeed, of the various types of DNS attack malware came out as the most prevalent with 68%, ahead of denial of service, 48%; cache poisoning, 36% and pharming with 23%.

For IT departments an attack on their companies Domain Name System servers must rank as one of the most alarming threats out there. Should a DNS server be compromised a hacker would have complete control and therefore the ability to mislead surfers into all variety of phishing and pharming attacks. Understandably, companies are finding it necessary to employ fairly convoluted measures in attempt to defend DNS – on average the typical number of overlapping methods used at the same time is 3.5 with the patching of operating systems emerging as the most popular option. Other means of protection might include dedicated Firewalls, DoS mitigation services, and various DNS appliances.

The study also proved quite illuminating in highlighting a disparity of opinion between IT personnel and C-level executives when it came to estimating the amount of time their company could withstand significant problems if DNS was taken out. The executive averaged 126 minutes whilst the IT people came up with a slightly less optimistic 105 minutes, although in some cases thought a mere 72 minutes would result in serious problems. The potentially damaging impact of a period of internet downtime to companies was made very clear - asked how their company would fare in the event of the internet connection being knocked out for a more significant period a rather shocking 12% thought it was extremely or somewhat likely they would completely go out of business.

About the Author:

Techworld is the UK's premiere site for IT professionals. Visit www.techworld.com/networking/network-security.cfm for articles on network security and a host of other IT topics