Web Applications Under Attack Every Two Minutes, Imperva Finds
Study of 10 million web application attacks shows automated attacks can peak at 25,000 an hour
– Imperva, a pioneer and leader of a new category of data security solutions for high-value business data in the data center, released today the results of the Imperva Web Application Attack Report (WAAR), which revealed that web applications, on average, experience twenty seven attacks per hour, or roughly one attack every two minutes. The WAAR, created as a part of Imperva's ongoing Hacker Intelligence Initiative, offers insight into actual malicious web application attack traffic over a period of six months, December 2010 through May 2011.
- - Automated attacks are prevalent. According to the WAAR, attack traffic during the six month period was characterized by spikes of high volume attack activity followed longer periods of lighter activity, key indicators of automation. On average companies experienced twenty-seven attacks per hour, or an attack every two minutes. However, when websites came under automated attack they received up to 25,000 attacks in one hour, or 7 attacks every second.
- - The Unfab Four. The four most prevalent Web application attacks include directory traversal (37 percent), cross site scripting (36 percent), SQL injection (23 percent) and remote file include (four percent). These attacks were often used in combination to scan for vulnerabilities and subsequently exploit found vulnerabilities.
- - Most attacks come from within the United States. Over 61 percent of the attacks originated from bots in the United States, though it was unclear from where they were controlled. Attacks from China made up almost 10 percent of attack traffic, followed by attacks originating in Sweden and France. Geography, however, is less than reliable, but filtering attacks by reputation is more so. The WAAR data shows that 29 percent of the attacks originated from the same 10 most active attack sources.