Web app attacks are up 800% compared to 2019

Report finds many attacks focus on companies least impacted by COVID-19 outbreak

Web application attacks have increased by over 800%, according to the State of the Web Security for H1 2020 report.

Published by CDN and cloud security provider CDNetworks, the report found that during the first half of this year, web application attacks, which use malformed requests or injected payloads to steal data, modify data or obtain privileges illicitly, increased nine times relative to H1 2019.

CDNetworks saw and blocked over 4.2 billion web application attacks during H1 2020.

The statistic show that web application attacks in the public sector surpassed attacks in retail venues, making the public sector the single most attacked industry during this period

“In fact, over 1 billion of the web attacks were targeted toward the public sector, which accounts for 26% of total attacks," the report says. "Equally disturbing is the fact that with artificial intelligence (AI) becoming a vital part of cybersecurity, hackers are now using machine learning to detect and crack vulnerabilities in networks and systems."

The company collected anonymized data from its clients and said the statistics showed enterprises are “experiencing challenging times in their attempts to defend against cyber attacks and protect their online assets.”

The report also found that DDoS attack incidents saw over a 147% year-on-year growth as of H1 2020. This increase peaked in February and March and remained at elevated levels. Similarly, attack peaks more than doubled in H1 2019 compared to H1 2020. The study found the most prevalent DDoS attacks were SYN flood at 53% and UDP flood at 35%. ACK flood and ICMP flood attacks were significantly lower at 8% and 4%, respectively.

According to the report, bot attacks nearly doubled in 2020 with 10.38 billion bot attacks blocked by the firm. CDNetworks said this figure was 97% higher than H1 2019. On average, CDNetworks blocked 660 bot attack incidents, nearly doubling H1 2019. 

Bot attacks relate directly to economic trends. In previous years, bot attacks focused on tourism and related industries, such as transportation and hospitality. But COVID-19’s impact on tourism and hospitality, online services, e-commerce and gaming are now bot attacks’ primary targets.

The report added that hackers are extremely sensitive to industry transformations and switch their attack tools and methods to keep pace with these changes.

“Nowhere is this more evident than with the Covid pandemic, where a decline in the tourism industry has prompted attackers to move toward exploiting online learning, telecommuting, and other businesses that are flourishing during the current pandemic,” the report’s authors said.

Featured Resources

Choosing a collaboration platform

Eight questions every IT leader should ask

Download now

Performance benchmark: PostgreSQL/ MongoDB

Helping developers choose a database

Download now

Customer service vs. customer experience

Three-step guide to modern customer experience

Download now

Taking a proactive approach to cyber security

A complete guide to penetration testing

Download now

Recommended

A guide to cyber security certification and training
Careers & training

A guide to cyber security certification and training

22 Apr 2021
What is hacktivism?
hacking

What is hacktivism?

22 Apr 2021
Geico data breach leads to stolen driver’s license numbers
data breaches

Geico data breach leads to stolen driver’s license numbers

21 Apr 2021
UK’s IoT security regulation will also include smartphones
Internet of Things (IoT)

UK’s IoT security regulation will also include smartphones

21 Apr 2021

Most Popular

How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

8 Apr 2021
Microsoft is submerging servers in boiling liquid to prevent Teams outages
data centres

Microsoft is submerging servers in boiling liquid to prevent Teams outages

7 Apr 2021
REvil threatens to release Apple’s hardware schematics
ransomware

REvil threatens to release Apple’s hardware schematics

21 Apr 2021