Percentage of malicious domains is rising, requiring training and DNS protection
New data from DNSFilter finds that threat levels have increased year-over-year, with malware remaining the most significant — accounting for more than half of threat queries on the DNSFilter network. These findings are a stark reminder that all employees, regardless of technical skill level, need robust cybersecurity education and training as risks multiply.
Data from DNSFilter’s network shows that the percentage of unique domains the company’s users tried to access (but were blocked as threats) rose from 1.6% in Q3 2023 to 3.6% in Q3 2024 – a significant increase. Malicious domain queries represented more than 16.6 billion potential threats between July and September 2024. These threats include malware, phishing and deception, and botnet domains.
DNS remains a significant attack vector for malicious actors, with different industries facing specific types of threats. DNSFilter’s research found:
- Technology and education sectors have a high occurrence of phishing and deception sites. This necessitates a multi-pronged security strategy.
- The manufacturing sector is much more likely to encounter malware than phishing, which could be because it depends on legacy systems, which are usually easier to exploit.
- Crypto mining requests are the biggest threat in the telecommunication sector. Though the industry is a key target for cryptojacking, many companies still do not have policies for blocking crypto mining, which exposes them to avoidable security risks.
The data also shows that bad actors are making the most of current events.
- During the Paris Olympics, DNSFilter saw a sharp spike in traffic to potentially malicious domains containing the word “Olympic.” For example, on August 1, the spike peaked by a massive 546% above average for this time.
- With the advent of hurricane season, there was heightened activity in domains with the word “hurricane.” Malicious queries surged on Sept. 27 by 460% over the daily average for domains with this word.
Ken Carnesi, CEO and co-founder, DNSFilter, said: “Bad actors take advantage of both the highs and lows of life. Any person at any organization has the same chance of encountering a malicious link. The standard cyber hygiene tips apply: use unique passwords, verify who you are ‘talking’ to before handing over credentials, and think before you click. That last one is easy to forget sometimes, especially when people are in a hurry, so organizations need to leverage protective DNS to better safeguard employees.”
Explore AITechPark for the latest advancements in AI, IOT, Cybersecurity, AITech News, and insightful updates from industry experts!