July 25, 2011

Web Applications Probed Once Every Two Minutes

As a part of its ongoing Hacker Intelligence Initiative, Imperva’s Application Defense Center (ADC) observed and categorized attacks across 30 applications as well as The Onion Router (TOR) traffic, monitoring more than 10 million individual attacks targeted at web applications over a period of six months.  Our analysis shows:

  • Due to automation, web applications, on average, are probed or attacked about 27 times per hour or about once every two minutes.  At the apex of an attack, web applications can experience nearly 25,000 attacks per hour or 7 per second.   The way hackers have leveraged automation is one of the most significant innovations in criminal history. You can’t automate car theft or purse snatching—but you can automate data theft. We predict that automation will be the driver that will help make cyber crime exceed physical crime in terms of financial impact. Ironically, most organizations, especially smaller ones, have not yet emphasized Web application security and need to take notice as automated methods will virtually guarantee that criminals will find them
  • Four dominant attack types comprise the vast majority of attacks targeting web applications: Directory Traversal, Cross-Site Scripting, SQL injection, and Remote File Inclusion.  These findings very much mirror the approach used by hacking groups such as Lulzsec and Anonymous whose attacks largely focus on data theft via application attack.  Our findings and the recent spate of high profile data breaches highlights how the battlefield has shifted to applications and databases and away from network firewalls and anti-virus.
  • The United States is the main source of application attacks. Applications are attacked by infected computers, or bots, with most located in the US.  This highlights that advances in evasion are also significant. Our data shows that it is increasingly difficult to trace attacks to specific entities or organizations.  This complicates any effort to retaliate, shut down cybercriminal gangs or identify potential acts of war.

To download the report, with no registration required, click here.


Authors & Topics:

Share on LinkedIn


Verify your Comment

Previewing your Comment

This is only a preview. Your comment has not yet been posted.

Your comment could not be posted. Error type:
Your comment has been saved. Comments are moderated and will not appear until approved by the author. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.


Post a comment

Comments are moderated, and will not appear until the author has approved them.