Home » Topics » Cybersecurity » Most FTSE 100 companies are not ready for the next major DNS attack

Most FTSE 100 companies are not ready for the next major DNS attack

Avatar photoby Andrew Ross

A new report from ThousandEyes has found that 72% of the Financial Times Stock Exchange (FTSE) 100 companies are not fully prepared for the next major attack on the domain name system (DNS).

According to their Global DNS Performance Report,  ThousandEyes also found similar vulnerability among 68% of the top 50 companies on the Fortune 500 rankings and 44% of the top 25 SaaS providers.

“Because Digital Experience is so central to a brand’s success these days, it’s critical that businesses understand that not all DNS infrastructures are created equal — performance and risk exposure varies widely between providers and geographies, so they need to be aware and base decisions on data relevant to their market,” said Craig Matsumoto, Senior Analyst at 451 Research.

>See also: DNS attacks – the forgotten vector that will cost millions

“Moreover, very basic DNS architectural decisions matter. In this day and age, not properly architecting for potential attacks is a major risk factor that businesses need to mitigate immediately if they care at all about their website or services being discoverable on the Internet.”

According to a spokesperson from ThousandEyes, DNS best practices are not widespread in major enterprises and SaaS providers, exposing them to severe risk and leaving themselves vulnerable to the next attack such as Dyn experienced nearly two years ago.

>See also: DNS-based attacks ‘cost businesses more than $2M annually’

DNS performance varies between public resolver providers and managed providers across regions and countries. Consideration for managed providers should be based on measured performance, rather than brand, or scope of a global presence.

DNS performance variations correlate to regions known to interfere with Internet behaviour, and controls over technology create risks for doing digital business in specific areas.

>See also: Securing DNS against threats from the Internet of Things

“Without DNS, there is no Internet. It’s how users find a company’s apps, sites and services on the Internet. A DNS performance issue or attack can have a critical impact on customer experience, revenue, and brand reputation,” said Angelique Medina, senior product marketing manager at ThousandEyes. “The ThousandEyes report highlights vital insights that can help organisations design a more effective DNS infrastructure — because even the most basic DNS decisions can determine how a company’s application or service, and ultimately how their overall brand, is perceived.”

Avatar photo

Andrew Ross

As a reporter with Information Age, Andrew Ross writes articles for technology leaders; helping them manage business critical issues both for today and in the future

Related Topics

DNS
DNS attack

Related Stories

Cybersecurity

How AI will shift the security landscape in 2024

The impact of AI within cybersecurity is expected to grow significantly this year, says Alex Holland, senior malware analyst at HP

AI & Machine Learning

NCSC releases guidelines for secure AI development

New guidance from the National Cyber Security Centre (NCSC) aims to help businesses securely innovate with AI and minimise risks

Cybersecurity

3 cybersecurity compliance challenges and how to address them

Earning those trust seals can strengthen relationships with board members and prospective customers, but it sure isn’t easy.

Cybersecurity

70% of UK firms reported cyber insurance changes in past year

According to research from Databarracks, seven in 10 UK businesses have seen changes to their cyber insurance in the past 12 months, as requirements rise