Businesses wide open to DDoS attack and DNS failure, shows research

Few companies are prepared for distributed denial of service (DDoS) attacks and Domain Name System (DNS) failures, according to research

Most organisations are ill-equipped to deal with web infrastructure failures caused by distributed denial of service (DDoS) attacks and Domain Name System (DNS) failures, research has revealed.

There is an urgent need for robust DDoS protection, reliable and secure DNS infrastructure and advanced threat intelligence, according to two research studies commissioned by internet infrastructure services firm VeriSign.

An online survey of 225 IT decision-makers in the US revealed 78% are extremely or very concerned about DDoS attacks; and 67% expect the frequency and strength of DDoS attacks to increase or stay the same in the next two years.

Nearly two-thirds of respondents who reported a DDoS attack in the past year said they sustained more than one attack, with 11% being hit six or more times.

More than half of respondents said they experienced downtime in the past year, with DDoS attacks accounting for a third of all downtime incidents; with 67% admitting their downtime affected customers and 51% reporting lost revenue.

"This research illustrates the dire costs of insufficient web and network protection to businesses spanning all industries," said Ben Petro, senior vice-president of Verisign's Network Intelligence and Availability Group.

When a DDoS attack or DNS failure hits a website or network, companies lose significant revenue and employee productivity. They also risk decreasing customer satisfaction and loyalty, Petro said.

Considering 60% of the respondents rely on their websites for at least 25% of their annual revenue, downtime can have significant and lasting impacts.

A separate study sheds light on the need for solutions that ensure DNS availability, which was shown to be a problem for even the highest ranked e-commerce sites.

The study calculated the minimum, maximum and average availability of the Alexa 1,000 websites in the first quarter of 2011 to illustrate the state of global DNS availability.

The research revealed stark differences between sites with internally managed DNS and those that employ third-party managed DNS services. For sites that host their own DNS, minimum DNS availability on average dropped to 90.13% compared with sites using third-party managed DNS services, which averaged a minimum DNS availability rate of more than 98%.

When examining minimum availability overall, the research showed some sites with internally managed DNS had total outages, while sites with third-party DNS management never went below 50% availability. Similarly, average downtime for sites that host their own DNS is twice that of those that use a third party.

Most enterprises do not have the resources and expertise to set up such extensive systems for their internally managed DNS, which may make them more vulnerable to availability problems, the study concluded.

Read more on Hackers and cybercrime prevention