76% of US and UK organisations have fallen victim to a Domain Name System (DNS) attack, with 49% experiencing one in the past 12 months.
According to the study by commissioned by Cloudmark and conducted by Vanson Bourne, the most common DNS attacks were DDoS (74%), DNS exfiltration (46%), DNS tunnelling (45%) and DNS hijacking (33%).
A third of respondents confirmed that they had lost confidential customer information, but despite these serious business implications, 44% found it difficult to justify DNS security investment.
Those 44% cited the fact that their senior management does not see DNS security as an issue, as the main barrier to investment. This is in contrast to the 55% who said that the theft of private or confidential data was a major concern to their organisation.
"The survey findings suggest that large organisations are not only inadequately protecting company intellectual property against DNS attacks but more needs to be done to help educate businesses on the methods used by DNS attackers," said Neil Cook, chief technology officer at Cloudmark.
"While DDoS threats continue to be a common method of attack to siphon off valuable resources, organisations need to review their security solutions to ensure they can protect against a multitude of other attacks including DNS exfiltration and DNS tunnelling, particularly in industries where high-value data is held, such as retail and financial industries."
"Once an organisation’s data is in the hands of cyber-criminals, the brand reputation, customers and ultimately revenue of that organisation can be severely affected."