According to a report — compared to last year — the different attack vectors have seen an exponential rise this year. Read on to know more…
This year, different attack vectors — such as DDoS, bots, and web-based exploits — have seen an exponential rise as compared to last year. According to State of the Web Security for H1 2020 report, Distributed Denial-of-Service (DDoS), Web application, bot, and other attacks have surged exponentially compared to the first half of 2019. In particular, attacks on web applications rose by 800%. These alarming statistics show that enterprises are experiencing challenging times in their attempts to defend against cyber-attacks and protect their online assets.
The Report goes on to say that hackers are extremely sensitive to industry transformation. For this reason, the challenges of the global pandemic are leading hackers to move attacks from less visited sites such as those related to hospitality, transportation, and other travel-related businesses and redirect their attention to sites that are profiting under Covid-19 such as media, public services, and education. E-government and digital public service systems are also magnets to hackers due to the sensitive and valuable information these systems hold. The Report contends that attacks against public sectors will continue with increasing virulence.
Some Stats
The media sector suffered the most number of DDoS attacks at 42%, followed by retail (27%) and gaming (15%) sectors. According to a CDNetworks report, brute force is the most common type of web application violation, followed by SQL injection, custom rules, dynamic IP blacklist, and IP blacklist.
Automation has become a substantial threat as more than 90% of web attacks are automated. This year, 660 bot attacks were witnessed per second, with the numbers rising in the second half.
The Report
The report exhibits that APIs, micro-services, and serverless functions are vulnerable to DDoS attacks, bot traffic, and malformed requests since the evolution of web app techniques brings new attack surfaces to the surface. Furthermore, software-defined security is rising as the ‘it’ trend in network security development.
Industry transformation is a precarious area as hackers have a tendency to move their focus from one sector to the next big thing.
Other Stats
Regarding phishing, attackers are mostly focused on e-commerce services ( 34.70%), followed by IT and telecom (22.20%), and product and mining (13.90%) sectors. The use of VPNs by remote workers has opened a new gate for attackers to try their hands on and they are getting successful at it.
Ransomware-as-a-Service (RaaS) has seen a growth spurt as it automates the repetitive attacks associated with ransomware campaigns.
The Bottom Line
Businesses that are preoccupied with user privacy, security, and compliance do not have the luxury to be finicky about security services. They are recommended to go the whole nine yards when it comes to defending themselves from the constantly evolving cyber threats. This is the time to rethink the fundamentals of strategy and tailor them to meet the needs of the current security landscape.