DNS Security Threats

Patricia Du サムネール
Patricia Du
Published August 11, 2016

With the promise of the Internet of Things (IoT) and 5G on the horizon, industry analysts project there will be 25 billion connected devices worldwide by 2020. Service providers believe that to handle this explosive growth in the number of devices and applications, they will face tremendous pressure to build networks that are secure and scalable.

A February 2016 survey and subsequent report on The Future of Mobile Service Delivery, authored by Jim Hodges, senior analyst of Heavy Reading, explains how service providers view the DNS domain as another key area of security vulnerability. Operators also believe that new services such as VoLTE, video, network functions virtualization (NFV), IoT, and 5G will introduce new and unique security challenges. The large number of diverse devices connected to the network could become targets for attacks and denial-of-service attacks.

The full challenges haven’t been fully understood, and service providers are still learning about IoT and next generation 5G network security requirements. In the meantime, almost half of survey respondents believe that DNS security threat levels are clearly on the rise.


DNS Attack Levels

Service providers believe some types of DNS attacks are much more difficult to manage than others. The hands-down winner is volumetric attacks—the toughest to handle among volumetric, trickle, cache poisoning, and DNS tunnel vector attacks.


DNS Attack Types

More than half of those surveyed have taken an “all available means” approach to mitigating DNS attacks. But 15 percent of respondents aren’t using any methodical, policy-based approach, such as threshold control. What is clear is that service providers prefer to manage DNS threats using a mix of ad hoc and policy-based approaches.

See a snapshot of additional survey results, view Hodges’ full Heavy Reading report, or find out how F5 helps service providers manage and combat attacks with carrier-grade DNS and security solutions.