IT was the most intensely targeted industry for web application cyberattacks in 2017, with hackers launching an average of 1,014 attacks on firms each day, according to a Thursday report from Positive Technologies.
Attackers are lured to IT by the possibility of profit gained from attacking a firm's customers, the report found. These customers tend to hire external contractors to support their business processes, internal infrastructure, or web applications, and access to an IT company can open the door for hackers to access those clients' systems. For example, last year's NotPetya attack started with the hack of an accounting software developer, the report noted.
Finance was a close second to IT for web application attacks in 2017, with firms facing an average of 983 daily attacks as hackers try to compromise bank accounts, the report found. The cryptocurrency boom and massive number of initial coin offerings (ICOs) last year also provided new targets for attackers, who actively exploited web application vulnerabilities in attacks against these targets, and will likely continue to do so.
Cross-site scripting accounted for nearly one third of all attacks (32%), the report found. Other popular attack vectors included SQL injection (22%), path traversal (11%), local file inclusion (10%), and remote code execution and OS commanding (8%).
Government, healthcare, and education were other top industries targeted in 2017, the report found. A relatively low number of attacks were carried out on energy and industrial companies, at nine per day on average. However, these attacks tend to be very dangerous: they are planned in intricate detail by sophisticated hackers whose goal is to take control of these systems, the report noted.
Attacks on all industries are likely to continue, especially as the 2018 World Cup kicks off in June. High-profile international events like the World Cup and the Olympics draw a large number of attacks, including denial-of-service, defacement, and attacks against users, according to the report.
Businesses can take a number of measures to protect themselves from web application attacks. "As we have seen from attacks across all sectors, ensuring maximum security for a web application requires auditing through all stages of development and after it is put into production," Positive Technologies analyst Ekaterina Kilyusheva said in the release. "It's critical to regularly install any updates available for web application components and use a web application firewall (WAF), which is an essential prevention measure."
The big takeaways for tech leaders:
- Hackers launched an average of 1,014 attacks against IT firms each day in 2017. — Positive Technologies, 2018
- Cross-site scripting, SQL injection, and path traversal were the most common web application attack types in 2017. — Positive Technologies, 2018
Alison DeNisco Rayome has nothing to disclose. She does not hold investments in the technology companies she covers.
Alison DeNisco Rayome is a Senior Editor for TechRepublic. She covers CXO, cybersecurity, and the convergence of tech and the workplace.