Findings From DNSFilter’s 2021 Domain Threat Report

The annual threat report shows other countries are overtaking Russia and China as the top malicious threat actors—4 of the top 5 most-malicious Country-Code Top-Level Domains on the DNSFilter network belong to African countries.

Washington, D.C., Nov. 2, 2021 -- AI-driven web security company DNSFilter (www.dnsfilter.com) has released its annual Domain Threat Report. The research spans March 2020 through August 2021, and it found that more than the COVID pandemic shaped end users’ interaction with malicious sites. It also identified trends among sites related to cryptocurrency, unemployment, and more.

DNSFilter blocks threats in real time at the DNS level, stopping access to malicious domains. The information collected in DNSFilter’s 2021 Domain Threat Report is backed by their proprietary Artificial Intelligence (AI) known as Webshrinker.

DNSFilter CEO Ken Carnesi writes the foreword of the threat report and notes that “2021 was the first time we truly took stock of this DNS data and recognized that sharing it will help others secure their IT infrastructure.” Ken believes “this report will assist organizations better understand the current, rapidly evolving, domain landscape and make better decisions when it comes to enabling DNS protection.”

COVID-19, Cryptocurrency, and China—Findings from the report

According to the report, 11.47% of COVID-related queries during the pandemic were malicious, more than 1 in 10. Although media coverage of the COVID-19 pandemic has waned in recent months, the opportunity for malicious domains to capitalize on COVID-related searches still exists. The shape these threats have taken has changed, with unemployment scams (a result of pandemic benefits) surging in mid-2021.

Cryptomining has also had a resurgence over the last year as blockchain technology and NFTs have risen in popularity. Domains tied to Ethereum, Dogecoin, and Litecoin are more likely to be cryptomining sites, while copycat domains of Bitcoin are more likely to be phishing. 18.72% of cryptomining sites actively include terms relating to “mining” or “coin.” These sites are not necessarily hiding their intentions.

Other trends noted in this year’s report shed light on the geographic location of malicious domains. One of the more interesting findings was that China is responsible for 16.69% of all malware queries on the DNSFilter network. However, four out of five of the ccTLDs (Country-Code Top-Level Domains) with the highest percentage of malicious domains were in Africa.

Jen Ayers, COO of DNSFilter and former VP of Overwatch at CrowdStrike, writes in her closing thoughts: “The speed with which we’ve seen high profile and expensive attacks occur has accelerated beyond even the most pessimistic predictions five years ago. As of the month of January 2020 we blocked a total of 23 million DNS-based threats on our network. This figure rose to a scary 328 million by the end of June 2020 representing an increase of over ~1200%. We do not expect this to slow down...DNS-based threats are here to stay.”

Read the complete DNSFilter Domain Threat Report.

About DNSFilter

DNSFilter is a venture-backed startup that provides edge-layer security via DNS. They protect over 15,000 organizations from ransomware, phishing, botnet, and other cybersecurity threats—all while running on the fastest network within the DNS security industry. DNSFilter identifies threats up to 154 hours faster than competitors, and uniquely categorizes more than 76% of domain-based threats, including zero-day threats.
