Last month, telco service provider O2’s service went down across the UK. Users were unable to make calls, texts, or surf the internet. The outage lasted just 40 minutes as priority repairs were made. However, thousands of angry tweets were sent to the company in a scene that caused the company damage to its reputation. O2 is not likely to forget this, and neither will its customers, both existing and those that could have been.
The cause of this particular outage is still unclear. But, increasing amounts of time are being spent handling cyber attacks, particularly those that target DNS. EfficientIP’s 2018 Global DNS Threat Report reveals telecom organizations take an average of 18 hours to mitigate each DNS attack.
DNS-based attacks exploit the functionality of accessible DNS resolvers, taking down cloud services and online services, losing companies business and also damaging reputation. These can be a daily headache for many businesses, but telcos feels the sting more than most. The report reveals each DNS attack costs telcos an average of $886,560 up from $622,100 last year – a 42% increase in just 12 months.
However, the effects of DNS attacks can reach far beyond costs. Today’s customers of telcos expect services to run continuously 24/7 and without interruption or loss in quality. Any outage, even one as brief as O2’s, can result in huge loss of brand equity and customers reconsidering their choice of provider.
More services, more problems…
According to our research, telcos are one of the most severely affected by DNS attacks, being subjected to an average of seven attacks per year. Of particular concern is that a full 12% of telcos fell victim 10 times or more in the past 12 months. A fifth of respondents (21%) claimed brand damage was a direct consequence of attacks, 23% suffered loss of business and 38% experienced cloud service downtime.
Since GDPR was implemented, our research shows telcos suffered significant data loss, with 30% reporting sensitive customer information stolen and 15% even losing intellectual property. Customer information being stolen is particularly worrying considering the current climate of sky-high customer expectations. All of this can result in brand damage and rising fines for highly-publicized non-compliance under GDPR and the US CLOUD Act – neither of which are needed when customer loyalty is so low and switching to another provider becomes ever easier.
What is encouraging is that for protecting data confidentiality, 44% of telcos will be putting monitoring and analysis of DNS traffic as their top priority. Long-term positives will hopefully include a decrease in the percentage of telcos falling foul of network attacks via DNS.
Aren’t networks already protected from DNS attacks?
Our research clearly shows networks are not sufficiently protected. Although 94% of telcos understand having a secure DNS network is imperative for their business, our survey overwhelmingly shows they haven’t taken enough action.
Failure to apply security patches in a timely manner is a major issue for organizations. Our research reveals 81% of telco companies took 3 days or more to install a critical security patch on their systems once notified of a vulnerability, leaving them completely open to attacks such as zero-day types.
Adapting telco security solutions to protect DNS
Telcos rely heavily on network availability and the high capacity needed to serve every customer’s request as quickly as possible, even at peak times. A large amount of customer information is at the mercy of the network which is being trusted to perform at the highest levels. Therefore, service continuity and security are business imperatives which a smart DNS security solution can support.
Working with some of the world’s largest telecommunication brands to protect their networks, EfficientIP recommends five best practices:
- First, rethink and simplify DNS architectures by replacing intermediary security layers with an adapted DNS security solution. As well as reducing administration and maintenance costs, this helps guarantee around-the-clock availability of service, a must for today’s telcos.
- To further the reliability of services, apply adaptive countermeasures relevant to threats. This doubly ensures business continuity, even when the attack source is unidentifiable, and eliminates risks of blocking legitimate users.
- Augment your threat visibility using real-time, context-aware DNS transaction analytics for behavioral threat detection. This allows telcos to detect all threat types, and prevent data theft to help meet regulatory compliance such as GDPR and US CLOUD Act.
- Decentralize DNS architecture to cope with heavy growth of traffic across regions and markets. In addition to enhancing user experience, placing purpose-built, high performance DNS servers in Points of Presence (PoP) significantly improves security against DDoS attacks.
- Incorporate DNS into a global network security solution to recognize unusual or malicious activity and inform the broader security ecosystem. This allows holistic network security for telcos to address growing network risks and protect against the lateral movement of threats.
The telco industry has long been a target for hackers. However, our research shows the consequences are worsening significantly each year. With costs per attack increasing substantially, it’s time for all telecommunications companies to secure their businesses, capabilities and data confidentiality with a modern, dedicated DNS security solution.
about how telcos can design their DNS infrastructures for the highest security and performance in 3 case study examplesHigh Performance DNS Infrastructures