Infoblox Inc. (NYSE:BLOX), the network control company, today released the second quarter 2015 report for the Infoblox DNS Threat Index, powered by IID, the source for clear cyberthreat intelligence. The index hit a record high of 133—up 58 percent from the second quarter of 2014—due to a surge in phishing attacks.
The Infoblox DNS Threat Index (www.infoblox.com/dns-threat-index), which Infoblox and IID (www.internetidentity.com) are introducing today, is an indicator of malicious activity worldwide exploiting the Domain Name System (DNS).
The single biggest factor driving the second-quarter increase, according to analysis of the data by IID and Infoblox, is the creation of malicious domains for phishing attacks. Phishing, a time-tested weapon of cybercriminals, involves sending emails that point users to fake web sites—mimicking a bank’s home page, for example, or a company’s employee portal—to collect confidential information such as account names and passwords or credit-card numbers.
Another significant contributor to the index’s record high is the growing demand for exploit kits. These packages of malicious software are typically hidden on web sites that appear to be innocuous, but download malware whenever a user visits—even if the user takes no action.
The Infoblox DNS Threat Index, which is the first security report to analyze the creation of malicious domains, has a baseline of 100—the average of quarterly results for the years 2013 and 2014. In the first quarter of 2015, the index stood at 122, and has now jumped an additional 11 points to a record high of 133 in the second quarter.
DNS is the address book of the Internet, translating domain names such as www.google.com into machine-readable Internet Protocol (IP) addresses such as 220.127.116.11. Because DNS is required for almost all Internet connections, cybercriminals are constantly creating new domains to unleash a variety of threats that can leverage DNS, ranging from simple malware to exploit kits, phishing, distributed denial of service (DDoS) attacks, and data exfiltration.
“DNS is critical infrastructure for the Internet that can’t be turned off. Through our analysis, it’s apparent that cybercriminals recognize this and see DNS as a vector for penetrating government, corporate, and personal networks,” said Rod Rasmussen, chief technology officer at IID. “The Infoblox DNS Threat Index, powered by IID, is intended to give insight into the extent to which bad actors are leveraging DNS for illicit activities.”
“DNS sits at the center of the Internet, connecting people, applications, and devices—making DNS a powerful tool for protecting networks as well as penetrating them,” said Craig Sanderson, senior director of security products at Infoblox. “Organizations can enhance their security by acquiring and understanding DNS threat intelligence data, then using that data to block access to malicious domains.”
The full Infoblox DNS Threat Index report for the second quarter of 2015 is available for free, with no registration required, at www.infoblox.com/dns-threat-index.
Infoblox (NYSE:BLOX) delivers network control solutions, the fundamental technology that connects end users, devices, and networks. These solutions enable more than 8,100 enterprises and service providers to transform, secure, and scale complex networks. Infoblox helps take the burden of complex network control out of human hands, reduce costs, and increase security, accuracy, and uptime. Infoblox (www.infoblox.com) is headquartered in Santa Clara, California, and has operations in over 25 countries.
Forward-looking and Cautionary Statements—Infoblox
Certain statements in this release are forward-looking statements, which involve a number of risks and uncertainties that could cause actual results to differ materially from those in such forward-looking statements. As such, this release is subject to the safe harbors created by U.S. Federal Securities Laws. The risks and uncertainties relating to these statements include, but are not limited to, risks that there may be design flaws in the company’s products, shifts in customer demand and the IT services market in general, shifts in strategic relationships, delays in the ability to deliver products, or announcements by competitors. These and other risks may be detailed from time to time in Infoblox’s periodic reports filed with the Securities and Exchange Commission, copies of which may be obtained from www.sec.gov. Infoblox is under no obligation to (and expressly disclaims any such obligation to) update or alter its forward-looking statements whether as a result of new information, future events, or otherwise.