Most Fortune 50 companies unprepared for major DNS attack

New WAF attack timelines show the start and end of a threat.
No more logs. See how →

ThousandEyes has found that 68 percent of the top 50 companies on the Global Fortune 500 rankings are not adequately prepared for the next major attack on the DNS. Additionally, researchers found similar vulnerability among 44 percent of the top 25 SaaS providers, as well as 72% of the FTSE 100 companies.

major DNS attack

“Because Digital Experience is so central to a brand’s success these days, it’s critical that businesses understand that not all DNS infrastructures are created equal — performance and risk exposure varies widely between providers and geographies, so they need to be aware and base decisions on data relevant to their market,” said Craig Matsumoto, Senior Analyst at 451 Research. “Moreover, very basic DNS architectural decisions matter. In this day and age, not properly architecting for potential attacks is a major risk factor that businesses need to mitigate immediately, if they care at all about their website or services being discoverable on the Internet.”

Key findings

Leading enterprises and SaaS providers remain needlessly vulnerable: DNS best practices are not widespread in major enterprises and SaaS providers, exposing them to severe risk and potentially making them vulnerable to the next attack such as Dyn experienced nearly two years ago.

Not every DNS infrastructure is created equal: DNS performance varies widely for public resolver providers and managed providers across regions and countries. Consideration for managed providers should be based on measured performance, rather than brand, or scope of global presence.

Social and political systems create unpredictability: DNS performance variations correlate to countries known to interfere with Internet behavior, and controls over technology create risks for doing digital business in certain regions.

Cloudflare, Google and OpenDNS are top public DNS performers

Out of fifteen measured public DNS providers, newcomer Cloudflare was found to have overall fastest performance, followed by Google and OpenDNS, both of which improved over their performance in the 2017 ThousandEyes analysis. Top providers varied by region and country. Performance highlights of the 2018 report include:

  • In the United States, Google was the top performer, followed by Cloudflare and OpenDNS.
  • In the UK, Level 3 had the best performance, followed by Google and OpenDNS.
  • In Japan, Cloudflare was the fastest performer, with Google in second and Neustar in third place.

Top managed providers vary by region

ThousandEyes found significant diversity of performance across providers and regions among managed DNS Providers. The top three performers included Cloudflare, Dyn and NS1.

Are you protecting your users and sensitive O365 data from being leaked? Learn how Specops Authentication for O365 can help.