Malicious DNS attributes of 70% of Phishing and Crypto mining according to Cisco

A recent report from Cisco indicates that phishing and crypto mining accounts for more than 70% of DNS traffic. Furthermore, there is an alarming level of crypto mining in the technology industry than in any other field.

The main challenge comes with employees who have little or no understanding of the crypto field. They then go ahead to input miners in computers which in turn cause blocks. However, the financial space scored quite well since employees are trained on the risks and violations in cryptocurrency. Cases of crypto mining are therefore unheard of in this case.

On the other hand, ransomware cases accounted for about 6% an inch higher than crypto mining cases. According to the report, trojan-related activity combined with Ryuk and the Revil contributed to 5% of DNS Activity. Despite any form of cyber threat, companies are responsible for safeguarding their systems by using threat intelligence and robust security frameworks. Neustar International Security Council recently conducted a survey where cyber-security experts had anticipated a rise in DNS Security Threats. Indicators then prompted cyber Experts to safeguard their DNS systems attributing to about 59%. The rise in complexity and growth of the DNS threats makes more than 30% of cyber experts lack the confidence to combat threats when they emerge.

The manufacturing industry closely rivals the technology sector in cases of malicious DNS activity. There was recorded a 50% crypto mining activity and 20% ransomware cases on DNS activity. The manufacturing sector seems to be the new ground for destructive ransomware attacks. Big game hunting is considered the most significant trigger to the rise in ransomware attacks in this sector. Radical measures are called upon to avert the effects of ransomware, crypto mining, and phishing on the growing manufacturing industry.

Emotet and Trickbot Trojans are closely linked in DNS activity front/. The financial sector leads in cases of phishing and Trojans. Phishing attacks attributed a 46% level while Trojans took a 30% stake. According to the report, the sector is targeted more due to the many gaps and efficiencies that exist and the end goal, which is money. Despite the strides made in safeguarding financial bases from cyber threats, a lot is still at hand.

The SolarWinds case is still under investigation where personal data was highly manipulated in the attack. The SolarWinds attack led to the revelation that IT threats are susceptible to some industries more than others.

The financial sector leads with the highest level of data manipulation threats, leading to massive loss of resources. Half of all related financial companies globally have witnessed at least one malware attack on their systems, the report stated. The SolarWinds case shows how Sunburst malware was used to attack the DNS server. After looking at various DNS requests, the attacker would then base their response on the company’s preparedness. After careful consideration, the attacker would then see if it is worthy of launching another attack. Once the target is deemed worthy, a DNS callout is established to receive commands to continue running the attacks, eventually leading to a shutdown. 


Must read


Related Posts