Generative AI and deepfakes increase security risk, highlight need for DNS security
DNSFilter announced today the results of its 2024 Annual Security Report, which reviews the past year of cybersecurity data gathered from the company’s large network. Across the board, detections of cybercriminal activity are up, with DNSFilter’s threat intelligence team observing an increase in phishing, botnet and malware detections in 2023 compared to the prior year. The report is available for download at https://explore.dnsfilter.com/2024-annual-security-report.
Last year, DNSFilter processed over one million queries every second – including both innocuous business queries and those malicious sites that the DNSFilter system is built to protect against. Ransomware actors rely heavily on phishing techniques, social engineering, and links to malicious websites. And according to CISA, 90% of all cyberattacks start with a phishing attack. That’s why protective DNS continues to be a critical layer to secure in the modern tech stack.
Highlights of the report’s findings include:
- Phishing attacks continue to be a favorite method of bad actors: Detections of phishing attempts increased by 106% year-over-year, while malware detections were up 40%.
- Malicious domains are being spun up quickly and frequently: Blocks of very new malicious domains (those registered within the previous 24 hours) increased by a whopping 1250%.
- The average user encounters five malicious queries a day: On average, many of DNSFilter’s users access ~5,000 queries per day; and one in 1,000 is likely to be malicious. That adds up to about 1,825 malicious queries per user per year. Additionally, 1 out of every 100 individual domains on DNSFilter’s network are found to be malicious in some way.
- Chicago and Dallas were two of the top malicious regions on the network: Chicago accounted for nearly 10% of all malicious queries DNSFilter observed in the past year, with Dallas not far behind at 9%.
- Generative AI is becoming a popular tool with bad actors: Phishing actors are already using this technology to improve their chances of success, and 2023 saw the introduction of new malicious AI tool sets like WormGPT, FraudGPT, and DarkBERT.
Ken Carnesi, CEO and co-founder, DNSFilter, said: “GenAI and deepfakes are adding to the already complex cybersecurity landscape. This year’s annual security report underscores the critical significance of understanding domain-based threats and the pivotal role of DNS queries in safeguarding digital infrastructure. The rising sophistication of cyber threats highlights the need for strong defense mechanisms to defeat malicious activities targeting domains and exploiting vulnerabilities within DNS systems.”