Monday,25 November, 2024

Subscribe to Newsletter

HOME
  NEWS
  Knowledge Center
 
News

Four out of Five Enterprise Networks Show Evidence of Malicious DNS Activity, According to Infoblox Security Assessments

Published Jun 19, 2016

Infoblox Inc., the network control company, today announced results of the Infoblox Security Assessment Report for the first quarter of 2016, which finds that 83 percent—more than four out of five—of enterprise networks tested by Infoblox show evidence of malicious DNS activity.

Infoblox, an industry leader in securing Domain Name System (DNS) infrastructure, offers free security assessments to customers and prospective customers, identifying DNS queries inside an organization’s network that are attempting to reach known malicious or suspicious domains. External threat data from these evaluations is anonymized and aggregated to produce the Infoblox Security Assessment Report.

In the first quarter of 2016, 519 files capturing DNS traffic were uploaded to Infoblox for assessment, coming from 235 customers across a wide range of industries and geographies. Infoblox found 83 percent of the files showed evidence of suspicious DNS activity.

“This result is consistent with what security professionals have been saying for some time: Perimeter defense is no longer sufficient, because almost all large enterprise networks have been compromised to a greater or lesser extent,” said Craig Sanderson, senior director of security products at Infoblox. “The new mandate for enterprise security teams is to quickly discover and remediate threats inside the network, before they cause significant damage.”

Among the specific threats found in files during the first quarter, by percentage, are:

Botnets – 54%
Protocol anomalies – 54%
DNS tunneling – 18%
ZeuS malware – 17%
Distributed denial of service (DDoS) traffic – 15%
CryptoLocker ransomware – 13%
Amplification and reflection traffic – 12%
Heartbleed – 11%
“The prevalence of these attacks shows the value of DNS in finding threats aimed at disrupting organizations and stealing valuable data, as well as the extent to which organizational infrastructure can be hijacked to mount attacks on third parties,” said Sanderson. “The good news is that DNS is also a powerful enforcement point within the network. When suspicious DNS activity is detected, network administrators and security teams can use this information to quickly identify and remediate infected devices—and can use DNS firewalling as well to prevent malware inside the network from communicating with command-and-control servers.”

Infoblox delivers actionable network intelligence through advanced technologies that analyze DNS traffic to help prevent data exfiltration; disrupt advanced persistent threat (APT) and malware communications; and provide context around attacks and infections on the network. More information on Infoblox security solutions is available at www.infoblox.com/security.

The full Infoblox Security Assessment Report for the first quarter of 2016 is available at www.infoblox.com/resources/report/infoblox-security-assessment-report-2016-q1. Organizations seeking a free Infoblox security assessment should visit www.infoblox.com/free-malware-report.

While the security assessment report looks at suspicious activity inside networks, the quarterly Infoblox DNS Threat Index tracks the efforts of cybercriminals to build external DNS infrastructure for staging attacks. More information on the threat index is available at www.infoblox.com/dns-threat-index.



Rate This:

Posted by VMD - [Virtual Marketing Department]


Poll
What is your favourite search engine?
Google
Yahoo
Bing

Most Viewed
  Riverbed Launches Industry’s Most Complete Digital Experience Management Solution

  Credence Security to Address Growing Market for GRC Solutions in Middle East Through Partnership with Rsam

  New Mimecast Archive Cloud Capability Streamlines GDPR Management for Email

  Planning and Scheduling Software–Helping Manufacturers Keep Their Customers Happy

  Farsight Security and Infoblox Provide Zero-Hour Protection Against Cyberattacks Due to New Domains

  Fujitsu Launches High-Security Biometric Authentication Solution for Active Directory IT Environments

  Rackspace Wins 2017 Red Hat Innovator of the Year Award

  ServiceNow Survey Shows 2018 as the Year of Automation for Routine Enterprise Work

  4 Tech Hacks to Faster Customer Onboarding

  New Mimecast Report Detects 400% Increase in Impersonation Attacks