3 min Security

Security Report: Web app attacks are up 800% compared to 2019

Security Report: Web app attacks are up 800% compared to 2019

All categories of attacks have increased as hackers adapt their tactics to the pandemic world.

CDNetworks, a leading CDN and cloud security provider, has released their State of the Web Security for H1 2020 Report. The Report describes a massive increase in cyber attacks in 2020 compared to 2019.

The types of attacks surging include distributed denial-of-service (DDoS), Web application, bot, and other attacks. In particular, attacks on web applications rose by 800%. These alarming statistics show that enterprises are experiencing challenging times in their attempts to defend against cyber-attacks and protect their online assets.

Hackers are adapting their methods to fit new target profiles

The Report goes on to say that hackers are extremely sensitive to industry transformation. For this reason, the challenges of the global pandemic are leading hackers to move attacks from less visited sites such as those related to hospitality, transportation, and other travel-related businesses.

Instead, the malefactors have redirected their attention to sites that are profiting under Covid-19. These include media, public services, and education. Hackers are also going after e-government and digital public service systems due to the sensitive and valuable information these systems hold.

The Report predicts that attacks against public sectors will become increasingly aggressive over time.

The report also found that DDoS attack incidents saw over a 147% year-on-year growth as of H1 2020.

CDN also reported that bot attacks nearly doubled in 2020 with 10.38 billion bot attacks blocked by the firm. The report says this figure was 97% higher than H1 2019. On average, CDNetworks blocked 660 bot attack incidents, nearly doubling H1 2019. 

New technologies create new vulnerabilities

As new web application methodologies, from network security to cloud security, expose new attack surfaces, the boundary of security protection continues to expand with them.

“As a result, today’s APIs, micro-services, and serverless functions are all vulnerable to malformed requests, bot traffic, and DDoS attacks at both network and application layers,” says CDNetworks.

“Moreover, the evolution of 5G networks, edge computing, artificial intelligence (AI), and Internet of Things is rapidly forcing conventional security into the dustbin.”

The report asserts that previous security methods are giving way to software-defined security. This is emerging as a significant trend in the development of network security.

CDN urges enterprises to “act immediately to adopt a comprehensive website security suite that includes a web application firewall (WAF), bot management solution, and DDoS protection.”

Tip: Cybercrime becomes more sophisticated: ‘we can’t continue like this.’