Why sound DNS management processes are not optional for responsible businesses

Data from a recent Accenture report on cyber investigations shows that cyber attacks on businesses increased by an incredible 125 percent in the first half of 2021 compared to the same period in 2020. What will come as even more of a surprise to anyone who has studied cybersecurity, however, is the nature of these attacks.

Go back five or six years and it is safe to say that DNS related cybercrime was barely even on the radar. Over the past year or so, however, there has been an exponential increase in incidents, leading to both financial costs and damage to brand reputation.

What are DNS attacks?

The DNS serves as a central hub within a business’s IT infrastructure. While DNS attacks can take various forms, the overall objective is usually to bring critical functions to a grinding halt. Such functions might include email, operational processes or website functionality. The impact of even a few minutes of downtime can be significant, but being forced to pay extortionate ransomware demands is even worse. Palo Alto Networks found that the average payment in the first half of 2021 was $570,000, up more than 80 percent on H1 2020.

The industry has been quick to react, and DNS management is now embedded in many businesses’ cybersecurity practices. For some, it is through necessity as regulators in critical sectors have made it obligatory. In others, it is just plain good sense.

Practical ways to protect DNS integrity

That sounds great as far as it goes, but what do sound DNS management processes actually entail? As is the case with most aspects of cybersecurity, there is no silver bullet solution, but businesses should take a series of measures.

Perhaps the most important and wide-reaching is to finally let go of legacy Unicast DNS platforms in favor of an enterprise-grade solution. The process of moving is neither expensive nor time consuming, and it will drastically reduce the likelihood of falling victim to this kind of attack, so there’s no excuse for not doing it.

It’s also important to centralize DNS management through one clearly defined user interface. This step is all about transparency and having a clear view of the overall system risk in order to take adequate and appropriate control measures.

Finally, it almost goes without saying that audit processes must be clearly defined, carried out on schedule and their findings acted upon.

Don’t fall victim

DNS management is not difficult and it doesn’t have to be expensive or time consuming either. Yet it is a topic that many businesses fail to address, perhaps because there is no clear owner when it stretches across multiple business units or functions.

Trends over the past year send out a clear message to businesses across all sectors. It’s time to get DNS management in order, or to face the consequences.