39 percent of EU Businesses Suffering Data Theft

They are also paying €734,000 per DNS attack; DNS-based malware most prevalent in Europe

EfficientIP, a leading specialist in DNS security to ensure service continuity, user protection and data confidentiality, revealed the European results of its 2018 DNS Threat Report.

The research explored the technical causes and behavioral responses towards DNS-based threats and their potential effects on businesses across the world. Globally, 77 percent of organizations faced DNS attacks in the past year with each attack costing European businesses an average of €734,000. The consequences of not securing DNS increases the risk of data loss, service downtime, compliance failure or compromised public image.

David Williamson, CEO of EfficientIP, said: “New regulation made it necessary for every organization to ensure the data they keep is secure. Surprisingly, our research shows European organizations have invested the least globally in technology, which can prevent data theft. This could be a reason as to why the region had the most data stolen. In the year ahead, it will be interesting to see how European companies will prevent data theft and avoid regulatory fines."

DNS attacks cost European businesses the most
DNS is the gateway to every corporate network and malicious actors are targeting it as a way to steal sensitive information. The research shows the average cost per DNS attack for European organizations has risen by 43 percent over the past year to €734,000, much higher than their North American and Asia Pacific counterparts.

French organizations had the highest cost per attack at €847,000 and the UK had highest cost increase at 105 percent to €684,000. German organizations have reduced the impact of DNS attacks over the last year, increasing only by 15 percent this year.

Attacks dent revenue, but cloud services are better protected
On an average, European companies suffered the most data theft at 39 percent, higher than the global average at 33 percent. Nearly half of French organizations admitted to losing sensitive data (48 percent) and UK companies suffered the least in the region at 32 percent.

A third of European organizations had their websites compromised, with nearly half (48 percent) of Spanish organizations admitted to website downtime. A quarter (25 percent) of French organizations suffered loss of business as a consequence of DNS attacks.

European organizations are more effective than their global peers at protecting their cloud services. On an average, a third (34 percent) of European businesses suffered cloud downtime, lower than the global average at 40 percent. Within the region, France has the most cloud outages due to DNS attacks at 41 percent, whereas, Germany was the lowest at 28 percent.

DNS-based malware most prevalent in Europe
The top five DNS-based attacks in Europe reflect the global top five, with DNS-based malware (39 percent) being the most popular attack faced in the region, followed by phishing at 34 percent, DNS DDoS attacks at 20 percent, DNS tunneling at 19 percent, and domain lock-up at 18 percent.

DNS-based malware were more prevalent than anywhere else in world, with Germany facing the most attacks at 44 percent. Spanish organizations faced more DNS tunneling attacks at 24 percent than their European peers.

European businesses underinvest in keeping data confidential
DNS is recognized as a prime target for data exfiltration. Protecting the DNS requires monitoring and analysis of traffic to identify threats once they enter the corporate network. Conventional end-point and firewall technologies primarily focus on protecting the perimeter of every corporate network, therefore they are redundant once the threat moves inside.

European companies prioritized investment in securing network endpoints (38 percent), monitoring and analysis of DNS traffic at 36 percent, and followed by firewalls at 20 percent. It’s positive to see DNS investment move into the top three, but more can be done in this area, and it maybe why European organizations had the most data stolen within the last year.

Tags assigned to this article:
EU Businesses data theft DNS Attacks


Around The World