Transform safely with DNS security

11th April 2018

Simon Whitburn
MD Cyber Solutions

The digital revolution is a key part of the global economy. It impacts businesses worldwide as they adapt operations to suit an increasingly digital approach to the day to day. And, where the large entities lead, SMEs follow, particularly if they are to maintain their market position and continue to meet changing consumer behaviour.

There is a caveat – digital transformation must be done securely or a business will pay the price. Over half of all cyber attacks happen to small businesses, and 60% of those affected will be out of business within six months after such an attack. Using the Cloud, social and mobile app-driven ways of working are the new normal for modern internet-centric companies, increasingly supported by a growing, mobile workforce of freelancers. Around 36% of the American workforce are freelancers [Freelancing in America: 2017], with 15.1% in the UK [ONS, 2017]. These numbers are likely to soar, especially given that 85% of millennials want to telecommute 100% of the time. The way we work is changing, and cyber security should be part of that new norm.

The cyber threats

It is understandable that in the race to differentiate and get products and services to market as quickly as possible, firms of all sizes overlook the cyber threat with an ‘it won’t happen to us’ mentality. However, as companies become reliant on internet-connected systems to drive business success, they are increasingly exposed to the risk of attack.

Distributed denial of service (DDoS) is the most obvious threat. Neustar’s 2017DDoS attack trend report found that 84% of companies surveyed had at least one attack in 2017, of which 63% said the loss of revenue at peak times can be over $100,000 an hour. UK firms suffered an average of 237 such attacks per month in Q3 2017 – almost double the figures a year previously.

Ransomware can have an even more catastrophic effect, locking organisations out of mission critical data. Even those that back-up their data could take days to restore critical systems, and attacks can be relentless: one vendor blocked over 631 million ransomware threats in 2017 alone.

That’s not to mention the risk to online firms of data theft and other security breaches. Government statistics from 2017 claimed nearly half (46%) of all UK businesses suffered at least one breach or attack in the previous 12 months. The report also argued that 46% were exposed to BYOD (bring your own device) security risks, with firms “who consider online services to be core to their business” described as having the most to lose.

Build cyber resilience with DNS

Often overlooked, the Domain Name System (DNS) layer is linked to most online threats and is therefore a great place to focus defensive efforts. Investment in DNS security can reduce cyber risks but also improve uptime, accelerate digital transformation and improve collaboration.

Despite its importance, many organisations don’t fully understand the DNS layer. Simply put, this runs in the background converting domain names into IP addresses, so internal and external internet users can access websites, apps and devices. To ignore it is to overlook a potentially serious threat vector.

The open design of the DNS can give hackers ample opportunity to exploit vulnerabilities in the servers. Through this system, exploiters can redirect users to malicious or phishing websites, transfer confidential customer data and IP out of the organisation via DNS traffic, or overload DNS servers to shut down your web presence in DDoS attacks.

Thankfully, the DNS layer is also a great place to plug in security to defend against malware, phishing campaigns, data exfiltration via DNS tunnelling and other threats that traditional solutions – like AV and network firewalls – might miss. The Cisco 2016 Annual Security Report shows that 92% of malware uses DNS in one of three ways: to gain command and control, to exfiltrate data or redirect traffic. Observing DNS traffic with the right tools, ideally with network analytics, can provide essential real-time insight into both inbound and outbound traffic, detecting potential attacks early on.

Cyber threats and online crime mustn’t stifle innovation nor limit the exponential growth of the country’s digital economy. As start-ups and businesses evolve and explore new approaches to their digital presence, cyber security in the DNS will boost resilience and support the growth of the businesses – and the ideas that could change the shape of our digital world.

Find out more about Nominet’s DNS cyber security services.