As compared to last year, this year different attack vectors have seen an exponential rise. These vectors include vectors such as DDoS, Bots, and web-based exploits as well.
- The most number of DDoS attacks have been suffered by the media sector at 42% followed by retail at 27% and the gaming sector at 15%.
- The most common type of web-application violation is the brute force attack, followed by SQL injection, custom rules, dynamic IP blacklist, and IP blacklist.
- More than 90% of web attacks are automated making automation a substantial threat.
- This year, 660 bot attacks were witnessed per second, with the numbers rising in the second half.
Various reports from researchers have exhibited that APIs, micro-services, and serverless functions are vulnerable to DDoS attacks, bot traffic, and malformed requests, given the evolution of web app techniques brings new vectors into the picture. To further this development, software-defined security has been seen as the rising trend in the IT network security industry. Since hackers have a tendency to move their focus from one sector to the next big thing, industry transformation is a precarious area.
Other Stats –
- Phishing attackers have mostly focused on e-commerce services (34.70%), followed by IT and telecom (22.20%), and product and mining (13.90%) sectors.
- Attackers have found a new medium to attack successfully with remote workers using VPN’s to perform their professional tasks remotely.
- Ransomware-as-a-Service (RaaS) has seen a growth spurt as it automates the repetitive attacks associated with ransomware campaigns.
Businesses that are preoccupied with user privacy, security, and compliance don’t have the luxury to be fussy about security services. Our internal experts recommend going the whole nine yards when it comes to defending themselves from the constantly evolving cyber threats. The time has arrived to rethink the fundamentals of strategy and tailor them to meet the needs of the current security landscape.
To read more, please check eScan Blog
