[dns-operations] Fragility of DNS

Danny McPherson danny at tcb.net
Wed Jul 18 16:26:50 UTC 2007 

Mildly relevant to folks here, I think..  I find some of the results
somewhat suspect, but nonetheless..

-danny

---
Original pointer:

http://www.networkcomputing.com/showArticle.jhtml?articleID=201001838

Businesswire article:

http://tinyurl.com/2cj77b (registration required, text below)

Full link:

http://home.businesswire.com/portal/site/home/index.jsp?epi- 
content=GENERIC&newsId=20070717005635&ndmHsc=v2*A1184670000000*B11847046 
32000*DgroupByDate*J1*N1000017&newsLang=en&beanID=1379240094&viewID=news 
_view

Full abbreviated report here:

http://www.mazerovresearch.com/IT_Decision_Maker_Survey_Results.pdf

-----

July 17, 2007 07:01 AM Mountain Daylight Time
New Study Shows Most Internet-Dependent Businesses Losing Costly  
Battle Against DNS Attacks

Despite Deploying Multiple Security Measures, Majority Still Hit by  
Malware; Many Predict High Likelihood of Losing Productivity, Revenue  
– Even Entire Business – If They Were to Experience Significant  
Internet Disruption

DENVER--(BUSINESS WIRE)--A recent independent study of 465 IT and  
business professionals has revealed that companies are having to  
deploy a costly and often complex mélange of security measures to  
keep their DNS (Domain Name Systems) protected from malicious  
attackers. Even so, many businesses remain vulnerable, as over half  
the respondents reported having fallen victim to some form of malware  
attack. Over one third had been hit by a denial-of-service attack  
while over 44 percent had experienced either a pharming or cache  
poisoning attack. Findings showed both external and internal DNS  
servers were equally vulnerable, as both types succumbed to attacks  
with roughly the same frequency.

Mazerov Research and Consulting – an international provider of  
technology and market research – conducted the study on behalf of  
Secure64 Software Corporation.

Internet Dependence

The findings underscore a disturbing trend as businesses are forced  
to find new ways to protect their IT infrastructure from Internet- 
based intrusions, yet are placing an incredibly high degree of  
dependency on continuous Internet connectivity. In this survey of  
businesses decision-makers, over half (54 percent) explained their  
companies are ‘totally or extremely dependent’ on uninterrupted  
Internet connectivity; another 26 percent said their company was very  
dependent. Only 6 percent said their company was not very dependent  
on Internet connectivity. Growing business dependence on Internet  
connectivity is the very vulnerability that allows malware to attack  
DNS.

Reliability, Immunity, Availability Most Important

Not surprisingly, respondents placed a high premium on being able to  
count on their DNS to work consistently and to ward off potentially  
crippling attacks. When asked to name an essential or extremely  
important attribute of a DNS solution, the top five responses included:

Reliability (67 percent)
Immunity to exploits, rootkits and malware (54 percent)
Availability during denial-of-service attacks (52 percent)
Simple to manage (48 percent)
Fast query responses – low latency/high performance (46 percent)
However, respondents admitted that trying to achieve these “must- 
have” DNS characteristics was challenging and required a significant  
investment in time, money and effort. Three-fourths of all  
respondents devote valuable resources to continuously patch their  
operating systems. Others reported having to harden operating  
systems, invest in dedicated firewalls, and add DNS appliances, DoS  
mitigation services and other network security devices. On average,  
respondents typically use at least 3.5 overlapping methods  
simultaneously to shore up their DNS security.

Downtime and Potential Damage, Loss

When asked how long their business could weather being taken offline  
before significant problems occurred, IT personnel were more  
sensitive to the issue than those occupying C-suites. According to  
the study, C-level executives estimated they could withstand losing  
Internet connectivity for just over two hours (126 minutes), whereas  
IT managers estimated it would only be 105 minutes before significant  
problems arose. Other IT personnel – who may be most directly  
responsible for maintaining Internet uptime – estimated an even  
shorter timeframe at an average of 72 minutes.

Respondents were also asked to assess what the likely impact would be  
on the health of their business if they were to experience a loss of  
Internet connectivity for a significant period of time. Maybe most  
alarming was 12 percent of participants claimed they would be  
extremely or somewhat likely to go out of business completely. Other  
responses included:

Loss of productivity (74 percent)
Unable to conduct the most basic business functions (54 percent)
Loss of significant revenue (40 percent)
Brand damage would suffer (39 percent)
When asked what the most catastrophic problem would be in the event  
of a major Internet disruption, 37 percent feared losing email  
whereas 47 percent identified the disruption of other Web-dependent  
services such as e-commerce, VOIP and customer support. Surprisingly,  
only 17 percent indicated that a failure of their DNS – the  
underlying system that makes email and other Web services possible –  
would be their most catastrophic problem.

“IT professionals are clearly facing a Sisyphean task when it comes  
to keeping their DNS secure,” stated Bob Mazerov, founder and  
principal of Mazerov Research. “What’s particularly interesting is  
that most respondents perceived the loss of email and other Web  
services as being a bigger problem than the loss of DNS. This  
suggests an enduring lack of focus, attention and awareness among IT  
and business professionals regarding the important and primary role  
DNS plays within the infrastructure of today’s Internet-dependent  
enterprise.”

About the Research Study

Mazerov Research & Consulting, LLC of Denver conducted the survey of  
IT professionals in February/March of 2007. The Internet-based survey  
was conducted online among 465 respondents nationwide, all with  
authority in their IT department and authority over DNS; among  
decision-makers across a breadth of industries from government to  
manufacturing to media and tourism; and included VARs, Integrators  
and ISPs. Virtually all economic sectors were included. The survey  
was also conducted across company size from under $1 million to over  
$250 million in revenue and from large and small IT staffs. A survey  
of 465 conducted using this method yields a margin of ± 4.5 percent.

Complete survey results are available on the Mazerov Research &  
Consulting Web site at http://www.mazerovresearch.com.

About Secure64

Headquartered in Greenwood Village, Colorado, Secure64 is a software  
developer providing secure, self-protecting, high performing server  
applications. Secure64’s core technology is SourceT®, a patented  
Genuinely Secure™ micro OS designed from the ground up to make the  
micro OS and any applications running on it immune from rootkits and  
malware, and resistant to network attacks. Unlike conventional  
operating systems with insecure architectures, SourceT does not need  
to be hardened, patched and protected to minimize exposure to  
vulnerabilities. By simplifying and consolidating network  
infrastructures, SourceT-based applications help IT professionals  
reduce the costs and risks from potential security breaches while  
achieving unparalleled levels of reliability and performance. For  
more information, visit www.secure64.com.

About Mazerov Research & Consulting

Headquartered in Denver, Colorado, Mazerov Research and Consulting  
(MR&C) enables its clients to enter the market more effectively,  
garner market share more efficiently, and develop winning programs  
more economically through insightful, thoughtful use of marketing  
research and strategic consulting. We help our clients – small,  
medium and large companies in a broad range of industries – make  
better decisions, launch successful products and services, craft and  
execute more effective marketing and advertising programs, and  
support more effective sales programs. Since 1993, MR&C has helped  
clients develop over $5 billion in new products, improved sales  
performance, and advertising programs.

More information about the dns-operations mailing list