No Comments

Global Telcos Worst Hit By DNS Service Attacks In 2020

DNS services are the most attacked part of telcos’ networks, according to the recently released Telecoms.com Annual Industry Survey.1.

Of those surveyed, 16% claimed their DNS services suffered the most attacks. This was closely followed by attacks on network infrastructure elements like network bandwidth and network protocols (15%), and on-premises applications and infrastructure (11%).

When asked how they were tackling DNS security, 47% of respondents said they were focusing on defending against volumetric DNS DDoS attacks. This correlates with recent network data from Nokia2, which reported that DDoS traffic soared by up to 50% during the first peak of the COVID-19 pandemic.

The second most broadly engaged defensive strategy was to safeguard against Advanced DNS attacks, such as DNS random subdomain attacks (39%). This was followed by protecting against DNS Protocol attacks, such as malformed DNS packets (38%), and against DNS protocol abuse, such as DNS tunnelling (34%).

A mix of security challenges

Despite DNS services being most prominent in attackers’ crosshairs, they are not viewed as the most difficult to protect.

For 24% of respondents, cloud-based apps and cloud infrastructures currently represent the biggest security headaches. Other perennial challenges include network infrastructure elements (21%) and on-premises applications and infrastructure (18%). DNS services took the fourth spot (12%), indicating either maturity of DNS service defensive measures or a general underestimation of the challenge.

"The reasons that the telecoms industry has found cloud infrastructure and cloud applications particularly hard to defend might come down to the fact that cloudification is new for most telecoms companies, and that cloud adoption forces them to think beyond traditional security perimeter models," said Bart Salaets, Senior Director of Solutions Engineering at F5.

Another key survey finding was that 27% of respondents said they were using security services offered by a public cloud provider when they migrated. A quarter were using third-party (managed) cloud-based security services. As many as 29% said their businesses were not planning to migrate any applications to the public cloud environment.

The study also found that some applications require extra, application-level protection. Over half (51%) of all the respondents identified subscriber portals as the top priority in this respect, likely driven by closer regulatory scrutiny over user data protection.

In addition, 26% of respondents believe that OSS/BSS systems require application-level protection, and many of them specifically noted that the security of fintech apps should also be strengthened.

Security investments on the rise

76% of respondents said their company would either maintain their spending level or increase their budget in the next year. Another 23% said their budget would increase significantly, while 28% said that spending would rise modestly.

Network layer security was rated as the top priority for 2021 (33%), followed by protecting user control and access (21%), and application security (18%).

"As digital transformation deepens, telecoms businesses, in particular telecoms operators, are becoming more like IT companies. Therefore, their security strategies should broaden from defending the network infrastructure to the whole system, covering both on-premises assets and those in the cloud," Salaets added.

"What is most attacked, or hardest to defend, is not always the same. That means smarter decisions need to be made how to spend security budgets"

Cyber Gear Webinar Series