As more organizations migrate to the cloud, cybercriminals and bad actors are following that trend and are targeting the cloud more frequently, according to a new report.
And, the increased adoption of cloud services during the COVID-19 pandemic could be playing a role, says a joint report from DNS security firm EfficientIP and International Data Corp.
Social distancing guidelines have forced millions of workers to work out of their homes, so organizations are shifting business-critical applications to hybrid-cloud environments. However, that’s increasing the attack surface, the report says.
As the number of business-critical applications hosted in hybrid-cloud environments has increased, so has the attack surface for cybercriminals. The Threat Report shows that companies that suffered cloud service downtime increased from 41% in 2019 to 50% in 2020, a sharp growth of nearly 22%. The increased adoption of cloud services during the global COVID-19 pandemic could make the cloud even more attractive for attackers.
In-house app downtime remained extremely high: 62% this year compared to 63% last year. As a whole, application downtime—whether in-house or in the cloud—remains the most significant result of DNS attacks; of the companies surveyed, 82% said that they had experienced application downtime of some kind.
Of those attacks, phishing attacks were the most common, the report said.
This year phishing led in popularity (39% of companies experienced phishing attempts), malware-based attacks (34%), and traditional DDoS (27%). Crucially, the size of DDoS attacks is also increasing, with almost two-thirds (64%) being over 5Gbit/s.
Despite the alarming trend and ability of cybercriminals to adapt to a changing threat landscape, enterprise awareness and cybersecurity defenses are also improving, as the vast majority of respondents said security was a critical component of network infrastructure.
Per the report:
- 77% of respondents in the 2020 Threat Report deemed DNS security a critical component of their network architecture, compared to 64% in the previous year.
- Use of Zero Trust strategies is maturing, as 31% of companies are now running or piloting Zero Trust, up from 17% last year.
- Use of predictive analytics has increased from 45% to 55%.
Ronald David, vice president of strategy for Efficient IP, said in a news release announcing the study that DNS should play a much larger role in the security ecosystem.
That need is exacerbated during a time when any network or app downtime can have severe impacts on your business and ability to support remote workers.