EfficientIP’s 2016 global DNS security survey doesn’t just show the global picture; it lets us drill down into regional differences between various major marketplaces. We’ve already looked at the results from the USA and European markets, and in this second in a series of regional explorations, we’re now looking at the results from Asia, from which EfficientIP interviewed 200 different companies as part of its survey.
Asia is home to many of the world’s most advanced economies, driving the global economy with its exports. It’s also the home of some of the fastest growing ones, jumping straight into the information age, building smart cities and implementing digital citizenship programs. With increasing reliance on digital technologies, APAC is becoming a growing target for online criminals, one where enhanced security tooling can make a big difference very quickly.
Globally, APAC had the best awareness of attack types, understanding that the DNS could be at risk and that there were a range of different mechanisms that could be used to attack their networks. Even so, more than 51% of the respondents had been affected by application downtime – with 23.9% having had intellectual property stolen as a result of an attack.
A focus on business continuity shows APAC has a more advanced response to attacks than the rest of the world too. Nearly three times as many APAC businesses added bandwidth than in the UK, where only 10.8% responded to attacks in this way. Instead of shutting down after an attack, 29.3% of APAC respondents added network capacity, while a similar number tuned their services to better cope with the attack. A quarter of respondents also switched to alternate sites, allowing them to continue running the business while the attacker concentrated on the original site. Staying up and running while under attack is one of the best possible responses: it denies the hackers what they want.
While much of APAC’s response to DNS attacks is admirable, there are still some issues that can be addressed with technologies like hybrid DNS. The speed to response is one. APAC businesses needed more people to mitigate an attack overall than in the US and Europe – more than 5 people were needed in Asia at 13.3% compared to 9.6% for US, and 9.9% for Europe.
The region was also ranked highest globally for attacks between 1 and 5Gbps. 23.4% of businesses experienced high volume attacks, a number that’s almost 10% more than the US at 15.7%. Similarly, it took longer to patch DNS servers, with almost 15% taking more than a week to install a patch from the time of notification of the vulnerability. This is almost three times longer than Germany (5.2%, who are renowned for process and efficiency), and roughly twice more than the US (8.6%).
Those issues cost 16% of APAC businesses between $1M and $5M, almost twice as much as Germany (8.2%), but less than France (17.5%). The growing number of attacks against APAC also led to a loss of more than $5M for 5.3% of its businesses, the highest globally.
As Asia continues to grow and evolve, building some of the world’s most advanced digital societies, network security is going to become increasingly important. Projects like Digital India or Singapore’s Smart Nation are mixing a range of digital technologies, from the Internet of Things, to social networking, to building interconnected networks that link all aspects of a country and takes nations forward. Networks like these are particularly attractive to attackers, and will need deep security at all levels – especially unconventional attack surfaces like DNS.