New report looks at trends in attacks on web applications
- Published: Thursday, 27 June 2019 07:29
Positive Technologies has released a new research report, ‘Attacks on Web Applications: 2018 in Review’, which looks at the main threats to modern web resources. The analysis, covering over a million attacks, used web attack statistics collected by Positive Technologies Application Firewall.
For this research, experts selected 140,000 attacks which targeted specific sites and created an attack chain. These chains make it possible to identify the attackers' steps.
The study showed that the three most common attacks are simple and effective: SQL Injection, Path Traversal, and Cross-Site Scripting. However, the report authors noted some peculiarities for specific sectors.
The share of Information Leakage attacks has also doubled. This attack type is especially prevalent against government websites, where it makes up 67 percent of attacks. Malicious actors often use these attacks to analyze systems, determine system version and configuration, and access service information. Once attackers have that information, they can stage targeted attacks.
The authors also note that government institutions’ websites are still exposed to dangerous attacks aimed at gaining server control and stealing database information. A successful attack of this kind gives the attacker control of the targeted website, with access to the OS and to all files on the server.
Positive Technologies experts assert that all websites, regardless of sector, are attacked daily. In the case of a targeted attack, it is possible to correlate the different stages and reconstruct the attack chain. A chain can contain dozens, hundreds, or even thousands of events a day. The report concludes that, compared to other industries, the sites of financial institutions saw the greatest daily number of attack chains per application (151 chains). Visibility of the whole attack chain gives businesses a holistic view of attacks, so they can localize threats and protect resources more effectively.
Transportation companies rank second in the number of attack chains (135 a day). Their web resources support online payments, for instance, for buying tickets. This attracts hackers interested in users' payment cards.
Next on the list of most attacked web resources were hospitality and entertainment companies with 114 attack chains a day. Attackers are drawn to the valuable personal and payment data these industries hold.