SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
Telcos plagued by DNS attacks, but budgets should focus elsewhere
Thu, 14th Jan 2021
FYI, this story is more than a year old

This year may well bring a rise in security budgets for telecommunications firms as they invest in more robust security to protect themselves against threats, including DNS service attacks that cause headaches for those in the industry.

A recent telecoms.com Annual Industry Survey found that DNS services suffered the most attacks in 2020, with 16% of respondents reporting DNS service attacks on their organisation. Network infrastructure attacks, particularly on bandwidth and network protocols also topped the list (15%), followed by on-premise application and infrastructure attacks (11%).

 47% of respondents said they were focusing on defending against volumetric DNS DDoS attacks, followed by protecting against advanced DNS attacks, such as DNS random subdomain attacks, DNS protocol attacks, and DNS protocol abuse.

However, DNS services are not the most difficult to protect against attacks - instead, cloud infrastructure and cloud-based apps are the biggest security headache, according to 24% of respondents. DNS service protection was listed fourth, while network infrastructure elements and on-premise applications and infrastructure were more of a hassle.

“What is most attacked, or hardest to defend, is not always the same. That means smarter decisions need to be made how to spend security budgets,” comments F5 senior director of solutions engineering, Bart Salaets.

In order to protect themselves against these threats, 76% of respondents noted that they would maintain or increase security spending in the year ahead.

This spending will be focused on a few key areas: Network layer security, user control and access protection, and application security.

“As digital transformation deepens, telecoms businesses, in particular telecoms operators, are becoming more like IT companies. Therefore, their security strategies should broaden from defending the network infrastructure to the whole system, covering both on-premises assets and those in the cloud,” explains Salaets.

When respondents migrated to cloud, telecommunications firms often look to security services offered by public cloud providers (27%) of respondents, while 25% use managed cloud-based security services. Further, some (29%) don't plan to migrate to the cloud at all.

“The reasons that the telecoms industry has found cloud infrastructure and cloud applications particularly hard to defend might come down to the fact that cloudification is new for most telecoms companies, and that cloud adoption forces them to think beyond traditional security perimeter models,” says Salaets.

The survey also asked respondents what areas could need additional application-level protection. More than half of respondents named OSS/BSS systems as needing this type of protection.