Web apps are attacked one out of three days, report says
A typical Web application gets attacked 137 times in 59 separate days during a six-month period, Imperva says
IDG News Service - A typical Web application is the target of an attack at least one in three days on average, according to a report released by data security firm Imperva.
The third edition of Imperva's semi-annual Web Application Attack Report (WAAR), released on Tuesday, is based on an analysis of Internet traffic collected from 50 publicly available Web applications between December 2011 and May 2012. Imperva determined that a typical Web application experienced 59 "battle days" -- days in which at least one attack incident occurred -- during the six-month period.
Many of the monitored applications differed in size and purpose, and most of them were hosted in the U.S. and the European Union, said Amichai Shulman, Imperva's chief technology officer.
Imperva found that for a typical Web application the median number of attack incidents recorded during a six-month period was 137.
An attack incident was defined by the company as a burst of malicious traffic that exceeded a rate of 30 attack requests per five minutes.
This method of counting attacks differs significantly from the one used by the company for its previous WAAR reports, which focused on the total number of attack requests.
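To make the counting method concrete, here is an added example (not code from the article or from Imperva) that applies the report's definition to a constructed access log: attack requests are bucketed into five-minute windows, a run of consecutive windows with more than 30 attack requests is one incident, and a day touched by at least one incident is a "battle day". The log format, the anchoring of windows at an application's first attack request, and the rule that adjacent over-threshold windows merge into one incident are assumptions made for this example; the report does not spell them out.

```python
from collections import defaultdict
from datetime import datetime, timedelta
from statistics import median

WINDOW = timedelta(minutes=5)
THRESHOLD = 30  # attack requests per five-minute window, from the report's definition


def parse_log(lines):
    """Parse constructed lines of the form '<ISO timestamp> <app> <attack|ok>'."""
    events = []
    for line in lines:
        ts, app, tag = line.split()
        events.append((datetime.fromisoformat(ts), app, tag == "attack"))
    return events


def incidents_for(attack_times):
    """Return [(start, end, magnitude)] for one application's attack timestamps.

    Windows are tumbling five-minute buckets anchored at the first attack (assumption);
    adjacent buckets that each exceed THRESHOLD are merged into a single incident.
    """
    attacks = sorted(attack_times)
    if not attacks:
        return []
    base = attacks[0]
    buckets = defaultdict(int)
    for ts in attacks:
        buckets[(ts - base) // WINDOW] += 1
    hot = sorted(k for k, n in buckets.items() if n > THRESHOLD)
    runs, cur = [], []
    for k in hot:
        if cur and k == cur[-1] + 1:
            cur.append(k)
        else:
            if cur:
                runs.append(cur)
            cur = [k]
    if cur:
        runs.append(cur)
    result = []
    for run in runs:
        lo, hi = base + run[0] * WINDOW, base + (run[-1] + 1) * WINDOW
        in_run = [ts for ts in attacks if lo <= ts < hi]
        result.append((in_run[0], in_run[-1], len(in_run)))  # magnitude = requests in the burst
    return result


def summarize(lines):
    """Per-application incident count, battle days, magnitudes and durations (seconds)."""
    per_app = defaultdict(list)
    for ts, app, is_attack in parse_log(lines):
        if is_attack:
            per_app[app].append(ts)
        else:
            per_app.setdefault(app, [])  # apps with only benign traffic still appear
    report = {}
    for app, times in per_app.items():
        inc = incidents_for(times)
        days = {s.date() for s, _, _ in inc} | {e.date() for _, e, _ in inc}
        report[app] = {
            "incidents": len(inc),
            "battle_days": len(days),
            "magnitudes": [m for _, _, m in inc],
            "durations_s": [(e - s).total_seconds() for s, e, _ in inc],
        }
    return report


def median_incidents(report):
    """The report's headline figure: median incident count across applications."""
    return median(r["incidents"] for r in report.values())


def _burst(app, start, n, step_seconds=1):
    # Constructed sample traffic: n attack requests starting at `start`, evenly spaced.
    return [f"{(start + timedelta(seconds=i * step_seconds)).isoformat()} {app} attack"
            for i in range(n)]


# Constructed log: one app with two real bursts and one sub-threshold trickle, one quiet app.
SAMPLE_LOG = (
    _burst("shop", datetime(2012, 1, 1, 9, 0, 0), 40)        # 40 requests in 40 s: incident
    + _burst("shop", datetime(2012, 1, 2, 9, 0, 0), 10, 60)  # 10 requests over 10 min: no incident
    + _burst("shop", datetime(2012, 1, 3, 10, 0, 0), 35)     # 35 requests in 35 s: incident
    + ["2012-01-01T09:00:05 shop ok", "2012-01-02T12:00:00 blog ok"]
    + _burst("blog", datetime(2012, 1, 4, 8, 0, 0), 5)       # below threshold: no incident
)

if __name__ == "__main__":
    for app, stats in summarize(SAMPLE_LOG).items():
        print(app, stats)
    print("median incidents:", median_incidents(summarize(SAMPLE_LOG)))
```

The threshold turns a raw request count into a count of sustained bursts, which is why the same traffic can rank SQL injection first under this method while cross-site scripting and directory traversal lead on request volume: a tool that fires many low-rate probes never crosses the 30-per-five-minutes line, whereas an automated SQLi scan does.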
The worst case seen by the company involved an application that experienced 1,383 attack incidents spanning 141 battle days, or 80 percent of the days in the six-month period.
The typical attack incident had a magnitude of 195 requests and lasted almost 8 minutes, Imperva said in its report. However, the worst incident lasted 10 times longer than that and involved 8,790 attack requests.
The new methodology for interpreting the data revealed that SQL injection (SQLi) was the most commonly used attack technique. The median number of SQLi attacks experienced by a typical Web application was 17.5, and in the worst case it was 320.
This is a significant change, because previous WAAR reports placed cross-site scripting (XSS) and directory traversal attacks ahead of SQLi attacks in terms of frequency.
The new methodology allowed the company's researchers to see things in a different way, Shulman said. "While the number of individual requests for cross-site scripting and directory traversal is higher than for SQL injection, in reality, the number of attacks in which SQL injection is involved is higher."
However, given what other security vendors have reported in the past, the effectiveness of SQLi attacks is somewhat questionable. For example, Verizon said in its 2012 Data Breach Investigations Report that SQL injection was used in only 3 percent of data breach incidents.
It's possible that SQL injection, while the most popular attack technique, is not the most successful one, Shulman said. However, "I find it hard to believe that attackers are wasting so much energy over SQL injection if it's not proving to be successful," he said.