COVID-19 affects web traffic and attack trends
There have been significant changes in web attack and traffic trends as a result of COVID-19, according to Imperva.
The monthly report also revealed that the Cyber Threat Index remains at a ‘high’ level and the financial services sector has been suffering the most from cross-scripting site (XSS) attacks, and a continued increase in attacks from cloud services.
Amid COVID-19, web traffic and attack trends were affected
During the month of March, changes in traffic and attack trends were tracked across multiple industries and countries as the coronavirus pandemic escalated.
The March findings indicated that the food and beverage industry experienced more website attacks globally (+6%), especially in Germany (+125%). There were more attacks on the financial industry both globally (+3%) and in specific countries like Italy (+44%), UK (+21%), and Spain (+18%).
CTI remains at a ‘high’ level
In March, a balancing effect took place as some industries (news and retail) saw increases in both traffic and attacks, while others (travel and sports) saw less traffic and attacks. Due to this variation between industries, the global index remains consistent and, while the score didn’t increase, the risks remain high.
Financial services suffer the most from XSS attacks
Cross-site-scripting attacks, a type of malicious script injection, were the most dominant attack vector (32%) for sites in the financial services sector. This may be because taking over web sessions in financial sites is extremely profitable for hackers, or because of the high regulation on these sites and the frequent risk assessment and penetration tests being conducted.
Network DDoS peaked at 279 GBPS
Aimed at a domain name registrar and web hosting company in the U.S., Imperva registered a network DDoS attack that peaked at 279 GBPS which is 37% higher than the average network DDoS attack in the last three months.
Attacks from cloud services increased
As attacks from anonymization platforms declined, attacks from cloud services increased. Imperva observed a 23% decline in attacks from anonymity frameworks like TOR, VPNs, and masking proxies. This can be explained by the simultaneous 10% growth in attacks coming from different cloud services, which provide a partial anonymity.
U.S. govt and law sector attacks compared to those in France
Attacks against the government and law sector in the U.S. declined, compared to an increase in France. France’s first local election round was accompanied by a 12% increase in attacks on law and government websites, while the U.S. experienced a 5% decline in attacks during the month of March.