New research has revealed DNS-based attacks cost global organisations an average of over £1.7 million in 2016 alone, with education establishments amongst those affected.

One example is the UK education network, which suffered a DDoS attack in April 2016, resulting in students and teachers in the UK being unable to connect to the apps offered by their university for almost 48 hours.

One in five (19%) of public sector sites and 11% of education bodies affected by DNS attacks say sensitive information was stolen, compared to 16% in the UK overall. A fifth (20%) of public sector and 12% of educational victims also think intellectual property data was lost compared to 15% for UK organisations overall. Some 10% of schools and colleges affected say they needed to take more than one day to recover.

This is in the context of yearly average costs of DNS security breaches now running at £1.7m ($2.2m) for organisations globally, with malware (35%), DDoS (32%), Cache Poisoning (23%), DNS Tunnelling (22%) and Zero-Day Exploits (19%) the main threats.

The findings come from the 2017 Global DNS Threat Survey report, from EfficientIP.

David Williamson, CEO of EfficientIP, pointed out that the imminent (May 2018) arrival of the General Data Protection Regulation (GDPR) should sound loud alarm bells for CIOs and CISOs working in the sectors. “In less than a year, GDPR will come into effect, so organisations really need to start rethinking their security in order to manage today’s threats and save their businesses,” he added.

To read the full report, click here