Wednesday, October 11, 2017

Heart trouble

Imagine the scene: you feel chest pain and one day, going to work, you fall collapsed in the middle of the sidewalk. There is no doubt, it´s a heart attack. After the incident, and after listening carefully to the recommendations of your doctor, you decide to incorporate sugary drinks into your diet, start smoking and go to the amusement park on your day off. Because the risk is there but, why are we going to pay attention to the recommendations? It may seem crazy but, to this day, this is what happens with many companies and cybersecurity.

Today is the one-year anniversary of the most famous DNS attacks. Just a year ago the Dynamic DNS server received a massive attack that left large platforms like Netflix, Airbnb, Amazon, CNN, New York Times, Twitter and several more inaccessible. This attack drew attention to what was already a reality: most companies had inadequate defenses in terms of DNS. Once this was done, hope was set for the change, but thanks to the study of the week, it´s disconcerting to see that, despite what the "cybersecurity doctors" recommended, the companies decided to continue taking risks.

The Domain Name System (better known as DNS) allows us to resolve the name of a web page by its IP address. Like the heart for the human being, DNS is a basic and extremely necessary element for the functioning of the Internet. But DNS servers often go unnoticed ... until they are attacked. They´re an element that tends to be ignored when establishing a strategy of cybersecurity, but the consequences are dire if you receive an attack (even if it´s not a heart attack).

The specialized consultant Dimensional Research has surveyed more than 1000 IT and Security professionals around the world and the results can be summed up in this expression: there´s no more blind than the one who doesn´t want to see. In the words of David Gehringer, director of Dimensional Reseach: "Our study reveals a gap in the market, while we discover that DNS server security is one of the biggest concerns for corporate managers, the vast majority have a lousy defense against attacks on these servers. "And is that why not protect something that worries so much?

The situation is worse by knowing that, although 3 out of 10 companies have been victims of DNS attacks, only 11% have dedicated security equipment to protect DNS, that is to say , server protection is not yet considered as one of the highest priorities in terms of security. In the case of the companies attacked, 93% have suffered moments of inactivity and almost half of them have endured the hang of their websites for more than an hour. These periods of inactivity directly affect the financial aspect of the companies and as a result, 24% of the companies attacked have lost more than 100 thousand dollars.

Another fact to consider is that, despite 71% of the respondents claim to carry out a real-time monitoring of DNS attacks, 9 of 10 of these processes fail to notify the teams that the attack is taking place. To make matters worse, 20% of companies are aware of these attacks by consumers' own complaints, which happens too late and when their reputation or customer satisfaction has been affected.

When we talk about DNS attacks, we are not talking about a single type. There are DNS hijacking, DNS spoofing, cache poisoning, protocol anomalies... Only 37% of companies with strategies to protect their DNS could repel any type of attack. Why is this data so significant? Because after this percentage, it´s not very risky to say that the rest of companies that came out happy of some attack had the luck to face one that could fight, whereas they had joined the list of failures in case of having had to face any another category of DNS attack.

This study reveals, once again, that only after receiving an attack, companies (and not all) worry about developing a strategy focused on the security of DNS servers. Now, a year after the attack on Dyn, many companies continue to risk and put their reputation and even their money to the limit. It seems illogical that, after having suffered a heart attack, someone should risk his life simply by not applying preventive measures ... just as alarming should resemble this attitude in the field of cybersecurity. It takes a drastic change in the mentality of companies and start making decisions that protect companies in the long run. Does anyone know where the "better prevention than cure" was left?


Post a Comment