Today anyone can launch a DDoS attack with $20 using a credit card number they stole with any number of stressor tools. In response organizations are doing a better job of defending themselves with increasingly sophisticated solutions. If you are in network IT management and subscribe to any number of e-zines and groups, then you probably can't get through a day without receiving messages from a half-dozen security vendors. There are lots of security solutions because there is lots of organizational investment in that technology category. As a provider of a secondary DNS service we have heard a few networking people tell us, “Go talk to the security guys because they have all of the budget and mine keeps getting reduced.”
With that in mind we wanted to help the DNS guys by providing some key facts on optimizing and protecting the DNS. This infographic compiles some of the best information from analyst and vendor whitepapers to help you build your case for DNS investment. All of the facts are cited in the infographic if you want to do more reading from the original sources. For a PDF version please see the DNS Under Attack Infographic.
Starting with the top line, we have an 85% increase in overall DDoS attacks in 2016 and this includes a 169% increase in attacks at the infrastructure layer. This surprised us because the application layer is still often the more effective way to launch a successful attack. We surmise that the big jump in infrastructure attacks is because they are relatively easy to execute. This makes sense since 56% of all attacks are multi-vector. In other words it seems that if infrastructure is easy and cheap to attack then the bad actor might as well add it to cover the tracks of a more sinister objective.
Now on to the DNS. Arbor Networks reported that 84% of IT managers reported that their DNS was used in an amplification attack. Strangely, only 34% saw attacks on their DNS. It is our view that the first number, while not the direct target the attack is still an abuse of your DNS and being an unwitting accomplice is every bit as bad as being a victim —but we are perfectionists about the DNS.
And finally, the most salient piece of information was that 39% of organizations require 10+ people to respond to an attack. So if you manage the DNS and are looking for a reason to invest in that infrastructure then look no further than adding up the amount of time and number of meetings your team has to sit through before, during and after a problem happens. And remember this is just based on attacks, the DNS is still exposed to application, hardware, and network outages.