DNS Filtering Blog: Latest Trends and Updates | DNSFilter

DNSFilter: Threats by the Numbers

Written by Fikayo Adepoju | Jun 6, 2022 4:00:00 AM

Over the past year, DNSFilter has continued to study threat patterns on our network and across the globe. As Blackhats continue to devise more clever ways of penetrating network protection for their malicious intents, it becomes necessary to stay one step ahead of the cyberwar by taking advantage of network telemetry to detect threat patterns. This helps equip security experts with information such as the types of attacks that are dominant, the threats that are most likely to affect businesses, and the most common and emerging vulnerabilities that threat actors are leveraging for attacks.

On that note, DNSFilter has curated some of the most important threat statistics that you should be paying attention to in the year 2022. We extracted data from our network to derive some interesting insights, and also pulled from reputable external sources for more information on the state of the threat landscape and some projections for the future.

DNSFilter Threat Numbers over the past year

  • By mid-January, 2022, Malware levels rose by over 200%. These spikes persisted throughout the month of April at a 100% average increase from the traffic observed before mid-January.
  • On the DNSFilter network, we noticed a 218% increase in traffic to malicious sites with “health” in the domain name in April of 2022.
  • From November 2021 through the end of the year, we saw a 300% increase in Phishing traffic on our network.
  • At the end of December 2021 and early January 2022, we observed a 171% increase in Botnet traffic compared to the highest peak during the entirety of 2021.
  • In February 2022 we saw a 1200% increase in Botnet traffic compared to the highest daily spike in 2021.
  • Around the time the NSA reported the Sandworm malware deployed by Russian Hacker group Cyclops Blink, the percentage of domain names with the words "blink" and "cyclops" observed on our network rose by approximately 60% compared to the last half of 2021.
  • During the IKEA phishing attack in November 2021, an 88% increase in the number of phishing URLs containing the keyword “ikea” was detected on our network. There was also a surge in phishing traffic as high as 300%.

Externally sourced threat numbers

Threat-Based Statistics

  • The frequency of DDoS attacks grew 11% in the first half of 2021 compared with the first half of 2020, reaching 5.4 million attacks, according to Netscout's "2021 Threat Intelligence Report." Across the world, attacks increased by 479% in Latin America. Comparatively, DDoS attack frequency in the U.S. increased by 7%.
  • In the fourth quarter of 2021, Cloudflare reported a 175% increase in the volume of ransom DDoS attacks compared with the third quarter.
  • Phishing, the most common threat vector, is involved in 36% of data breaches, according to Verizon's "2021 Data Breach Investigations" report.
  • Mobile malware infections saw a small decline in 2021, according to a report from Kaspersky Lab. In the third quarter of 2021, mobile attacks dropped to 9.6 million -- their lowest level in nearly two years.
  • According to Emsisoft's "The State of Ransomware in the US" report, an estimated 2,323 local governments, schools, and healthcare providers were directly affected as victims of a ransomware attack in 2021.
  • More than 90% of cyber attacks begin as spear-phishing emails, according to Trend Micro researchers.

Cost of Threats Statistics

  • The cost of data breaches will rise from $3 trillion each year to more than $5 trillion in 2024, according to the "State of Cybersecurity Resilience 2021" report.
  • A single attack -- be it a data breach, malware, ransomware, or DDoS attack -- costs companies of all sizes an average of $200,000, and many affected companies go out of business within six months of the attack, according to insurance company Hiscox.
  • The average total cost of data breaches in 2021 was $4.24 million, according to the IBM/Ponemon Institute report.
  • According to the same report, breaches in the healthcare industry were the costliest -- $9.23 million on average.
  • The same report states that breaches in the U.S. were the most expensive at $9.05 million, while the Middle East came in second at $6.93 million.
  • Forty-three percent of attacks are aimed at SMBs, but only 14% are prepared to defend themselves, according to Accenture.
  • More than 33 billion records will be stolen by cybercriminals by 2023, an increase of 175% from 2018.
  • By 2027, global spending on cybersecurity training will reach $10 billion, according to Cybersecurity Ventures

General Statistics and Threat Reports

  • According to VMware's "The State of Incident Response 2021" report, 82% of surveyed organizations are concerned their company is vulnerable to a cyber attack. The report also found that 49% of organizations lack the expertise and tools for adequate incident response.
  • Organizations are conducting more application security testing scans than ever before, according to the Veracode "State of Software Security v12" report. In 2021, most firms were scanning applications approximately three times a week -- up from three times a year in 2010.
  • One in 36 devices used in organizations was classified as high risk, according to Symantec. This included devices that were rooted or jailbroken, along with devices that likely had malware installed.
  • Security attacks increased 31% from 2020 to 2021, according to Accenture's "State of Cybersecurity Resilience 2021" report. The number of attacks per company increased from 206 to 270 year over year.
  • The cost of cybercrime is predicted to hit $10.5 trillion by 2025, according to the latest version of the Cisco/Cybersecurity Ventures "2022 Cybersecurity Almanac."
  • Identity fraud losses tallied a total of $56 billion, according to the "2021 Identity Fraud Study" from Javelin Strategy & Research.
  • It takes an average of 287 days for security teams to identify and contain a data breach, according to the "Cost of a Data Breach 2021" report released by IBM and Ponemon Institute.
  • Crowdstrike reported that the volume of cryptojacking quadrupled from 2020 to 2021.
  • The Institute for Application Security in Germany found that one out of every 500 Alexa sites hosts a mining script.
  • From the same study above, it was found that the average data miner earns less than $6 per day. But high earners can make more than $166,000 on a single hack.
  • According to the IBM "Cost of a Data Breach 2021" report, 20% of data breaches were caused at least initially by compromised credentials.
  • The FBI's Internet Crime Complaint Center (IC3) reported an all-time high volume of complaints in 2020 at 791,790. Total losses from those complaints were more than $4.1 billion.

The threat landscape is ever-changing with new vulnerabilities detected on a daily basis. Threat actors are also getting smarter and the tools being used for attacks are becoming more sophisticated than ever. In these times, the need for actionable threat data and threat intelligence cannot be overemphasized.

Find additional threat insights and guidance on the type of network protection and security policy your organization should be putting in place in our annual report.