Telecoms industry and DNS attacks: attacked the most, slowest to fix


Yahoo, Equifax and Verizon are just some of the few of the countless data breaches that have made recent headlines. New research by EfficientIP reveals telcos are next.

The Domain Name System (DNS) is a particularly vulnerable layer of IT which, if continued to be left neglected, will get telco CEOs in front of the press. Telco organisations have the largest DNS infrastructure, putting them at larger risk of an attack.

One in five (21%) telcos suffered four DNS attacks in 2016; telcos were subjected to more attacks than any other industry surveyed. A quarter of telco organisations admitted they have lost sensitive customer information as a result of a DNS attack. This is higher than any other sector surveyed.

Have you heard any of this in the news? Likely not because it never made the news. But when GDPR arrives on the 25th of May, all of these breaches will reach public ears, causing a woeful amount of brand damage. Not to mention the fee added to the £460,000 they already spend per attack.

EE, TalkTalk and other recent outages remind us of the pressure telecoms and their networks are beginning to face due to the rise of edge computing, mobile app usage and on-demand videos to name a few.

The findings from new EfficientIP research on the global telecoms industry shows how much access into DNS Server is valued by cyber criminals. A successful cyber breach on a telecoms organisation could lead to a loss of revenue for businesses due to slower internet connections and no landline telephone services. The research found three key themes:

Global and industry specific trends on DNS attacks

  • DNS-based attacks cost organisations globally £1.7 million on average every year across several industries.
  • 76% of all organisations globally were subjected to a DNS attack in the past twelve months, and 28% suffered data theft.
  • 42% of all respondents in the UK spent almost an entire business day (six hours) to restore their systems.
  • Top five security threats for Telecoms organisations are: DDoS (42%), Malware (36%), DNS Tunnelling (31%), Cache Poisoning (28%) and Zero-Day Exploits (20%).

Telecoms targeted most by DNS attacks and pay the most to fix cyber breaches

  • Telecoms have suffered more attacks than any other surveyed. Telecoms organisations admitted to having faced four attacks on average over the last twelve months.
  • The average cost to fix a single attack is £460,000 in the telecoms sector, highest in the survey. To put that into perspective, the average cost for the healthcare sector is £210,000. Furthermore, 5% of telecoms organizations surveyed admitted an attack cost them more than £3.75 million.
  • A quarter of telecoms organisations (25%) admitted they have lost sensitive customer information as a result of a DNS attack. This is higher than any other sector surveyed.
  • For 42% of telecoms companies surveyed, attacks resulted in in-house application downtime, which causes poor customer experience online. This number is the highest in the survey, tied with education (42%) and services (42%), followed closely by manufacturing (39%) and retail (37%), the lowest number going to the public sector (28%).

Telecom companies unprepared and slow to fix DNS cyber attacks

  • As recent cyber-attacks showed how crucial patching was to avoid easy exploits, telecoms have only applied an average of four patches out of the 11 critical patches recommended by ISC in 2016.
  • It took longer for telecoms organisations to mitigate the attack. 40% of telecoms organisations admitted it took them six hours (almost a full working day) to mitigate a DNS attack. In contrast, over half of retailers only took one hour to fix the issue.

EfficientIP’s CEO, David Williamson, points out that recent news makes it more urgent than ever Telecoms organisations protect their networks from DNS-based attacks and improve their network management tools. He said:

“Telecoms organisations need to adapt to the new surge of cyber-attacks and cannot use yesterday’s security technology for today’s problems, otherwise short and long term costs could strike a severe blow to company revenues.”

“To face recent industry challenges and customers’ high performance expectations, the communications sector needs to change their approach to network management and incorporate automation as quickly as possible.”

This site uses cookies, tokens, and other third party scripts to recognize visitors of our sites and services, remember your settings and privacy choices, and - depending on your settings and privacy choices - enable us and some key partners to collect information about you so that we can improve our services and deliver relevant ads.


By continuing to use our site or clicking Agree, you agree that Rapid Mobile and our key partners may collect data and use cookies for personalized ads and other purposes, as described more fully in our privacy policy.


You can change your settings at any time by clicking Manage Settings or by visiting our Privacy Centre for more detailed information.


Cookie Services

When you visit any website, it may store or retrieve information on your browser, mostly in the form of cookies. Because we respect your right to privacy, you can choose not to allow some types of cookies. Click on the different category headings to find out more and change our default settings. However, blocking some types of cookies may impact your experience of the site and the services we are able to offer.

These cookies are necessary for the website to function and enable essential services and functonality, including identify verification, service continuity and site security. Opt out is not availabe.

Essential Session management cookies for logged in users
  • wordpress_test_cookie
  • wordpress_logged_in_
  • wordpress_sec

For perfomance reasons we use Cloudflare as a CDN network. This saves a cookie "__cfduid" to apply security settings on a per-client basis. This cookie is strictly necessary for Cloudflare's security features and cannot be turned off.
  • __cfduid

We use WooCommerce as a shopping system. For cart and order processing 2 cookies will be stored. This cookies are strictly necessary and can not be turned off.
  • woocommerce_cart_hash
  • woocommerce_items_in_cart

Used by Spamshield to stop spam signups
  • _wpss_h_
  • _wpss_p_

Decline all Services
Accept all Services