Infoblox’s quarterly DNS Threat Index has hit a record high of 133—up 58% from the second quarter of 2014—due to a surge in phishing attacks based around malicious domains. Phishing, a time-tested weapon of cybercriminals, involves sending emails that point users to fake web sites—mimicking a bank’s home page, for example, or a company’s employee portal—to collect confidential information such as account names and passwords or credit-card numbers.
Another significant contributor to the index’s record high is the growing demand for exploit kits. These packages of malicious software are typically hidden on web sites that appear to be innocuous, but download malware whenever a user visits—even if the user takes no action. Infrastructure for exploit kits accounted for 41% of malicious domain creation in the second quarter of 2015.
The Infoblox DNS Threat Index, which is the first security report to analyse the creation of malicious domains, has a baseline of 100—the average of quarterly results for the years 2013 and 2014. In the first quarter of 2015, the index stood at 122, and has now jumped an additional 11 points to a record high of 133 in the second quarter, and the trend is unfortunately heading up, as this is the third consecutive quarterly rise.
“DNS is critical infrastructure for the Internet that can’t be turned off. Through our analysis, it’s apparent that cybercriminals recognise this and see DNS as a vector for penetrating government, corporate, and personal networks,” said Rod Rasmussen, CTO at IID.
“DNS sits at the centre of the Internet, connecting people, applications, and devices—making DNS a powerful tool for protecting networks as well as penetrating them,” said Craig Sanderson, senior director of security products at Infoblox. “Organisations can enhance their security by acquiring and understanding DNS threat intelligence data, then using that data to block access to malicious domains.”
The full Infoblox DNS Threat Index report for the second quarter of 2015 is available for free, with no registration required, at www.infoblox.com/dns-threat-index.