Australia, the United Kingdom, and Canada hit by the largest increase in incidents as data leakage attacks are also on the rise
Imperva, Inc., the cybersecurity leader championing the fight to secure data and applications wherever they reside, published its August 2020 Cyber Threat Index Report. The report showed most countries saw an increase in the number of security incidents in August. Simultaneously, the number of data leakage attack attempts also grew, targeting Apache servers, Git repositories, and databases.
The monthly report also revealed the overall Cyber Threat Index score rose for the second month in a row, gambling sites are facing larger DDoS attacks, and the number of high-risk vulnerabilities is growing.
Key findings between August 1 and August 30, 2020 include:
- Globally, the number of security incidents increased during August. Most countries experienced more security incidents in August than June and July. The largest increases in incidents were in Australia (+19%), the United Kingdom (+15%), and Canada (+13%). The only exception to this global trend was Russia, which saw the volume of incidents reduce by 6%.
- Data leakage attack attempts are on the rise. The number of data leakage incident attempts grew by 30% in August, targeting Apache servers, Git repositories, and databases. The most targeted industry for these attacks was Financial Services, which experienced a 55% growth in data leakage attack attempts since May.
- Overall Cyber Threat Index score rose for the second month in a row. The CTI score went up by six points both in both July and in August, reaching a score of 798, due to the increase in revealed high-risk vulnerabilities and a 5% increase in security incidents. Counterintuitively, the volume of blocked malicious requests dropped, indicating more targeted tactics and fewer randomized “spray-and-pray” attacks.
- The size of application DDoS attacks against gambling sites is increasing. DDoS attacks against gambling sites grew larger in size over the past few months. Imperva Research Labs measured a 281K requests per second (RPS) attack in August and a 250K RPS attack in July—larger attacks in comparison to the months prior.
- The number of high-risk remote code evaluation (RCE) and remote file inclusion (RFI) vulnerabilities is growing. Continuing a trend Imperva Research Labs has observed over the past eight months, the number of published vulnerabilities continues to increase. More than 250 vulnerabilities published in August—half of which were published with an exploit, and 5% of them are considered “high risk.”
- Travel industry traffic volume drops to a third of August 2019 levels. From November 2019 to April 2020, traffic decreased every month as the COVID-19 pandemic spread, becoming a global crisis. Although travel site traffic kicked off an upward trajectory in May 2020, it remains far below its pre-COVID 19 level. In addition, the number of security incidents in travel websites also decreased by 40% when compared to this time last year.
The Cyber Threat Index is a monthly measurement and analysis of the global cyber threat landscape across data and applications based on data gathered from Imperva sensors all over the world—including over 25 petabytes of network traffic passing through the Imperva CDN per month. With over one trillion total requests analyzed and 21 billion application attacks blocked, it offers an unrivaled comprehensive look at application security and provides an easy-to-understand score to consistently track cyber threat levels and observe trends over time. Viewers can dive deeper into the score and drill down for individual industries and countries, and also view historic Index scores.
The August 2020 Cyber Threat Index is available at https://www.imperva.com/cyber-threat-index/.
“Countries around the world are dealing with a similar problem in terms of increased security incidents. This is also exemplified by the increase in specific threats such as data leakage attacks, and vulnerabilities like RCE and RFI,” said Nadav Avital, head of security research at Imperva. “Furthermore, even though the volume of blocked malicious requests dropped, organizations must not lose focus, or assume they are safer because volume is down. Additionally, to address data leaks they must ensure assets are properly configured, to only allow necessary access to their systems.”
The Cyber Threat Index was created by Imperva Research Labs, a premier research organization for security analysis, vulnerability discovery, and compliance expertise. The organization provides round-the-clock research into the latest security vulnerabilities and is comprised of some of the world’s leading experts in data and application security.