DDoS and SQLi are the Most… Discussed Attack Techniques
The research (also made on other smaller forums) used the forum’s search engine capabilities to analyze conversations by topic using specific keywords. Unfortunately no details have been provided about the methodology used to collect the data, however the results show that SQL Injection and DDoS are the most discussed topic, both of them with the 19% of discussion volume (I am glad to see that the results are coherent with the findings of my Cyber Attack Statistics).
Of course the data must be taken with the needed caution since the analyzed sample could not be entirely consistent. As Imperva admits: “The site we examined is not a hardcore crime site, but it’s not entirely softcore. New hackers come to this site to learn and,on the other hand, more experienced hackers teach to gain “street cred” and recognition […]. Typically, once hackers have gained enough of a reputation, they go to a more hardcore, invitation-only forum.” This probably means that the incidence of the two attack techniques is overrated since one should expect a beginner hacker to approach the easiest and most common attack methods for which there are many tools available.
Anyway the events of the last months show that an attack does not deserve less attention only because it is carried on by a beginner, nor a beginner worries too much if he uses automated tools without full knowledge and awareness. A look to the infosec chronicles of the last period is sufficient to verify that DDoS and SQLi attacks are always in the first pages.
Sadly, Imperva estimates that only the 5% of the security budget is spent on thwarting SQL Injection attacks.
Other interesting findings of the research are: the fact that social networks pose a major interest for hackers since they are becoming a prominent source of information and potential monetary gain (Facebook was the most discussed social media platform, with 39%, immediately followed by Twitter at 37%), and also the fact that E-whoring is becoming one of the most common methods for beginner cyber criminals to gain easy money (more than 13,000 threads observed).
- 854,294 hits since November 2010
08/13/2011 - My Post on Android Malware Mentioned on Engadget.
04/14/2011 - The Article Smart Grid: L'ultima Frontiera del Cybercrime published on ICT Security Magazine May 2011.
03/14/2011 - Security Summit 2011: Paolo Passeri guest at Round Table "Mobile Security: Rischi, Tecnologie, Mercato"
02/14/2011 - The Article Gears of Cyberwar published on ICT Security Magazine January 2011.
About This Blog
In this blog I express my personal opinion, which does not necessarily reflects the opinion of my organization, about events and news or interest, concerning information security, winking to mobile world and, why not, to some curious personal event.
Every information is reported with its source.
Anyone intending to use information contained in my post is free to do so, provided that mention my blog in your article.
Top Posts & Pages
- 1-15 July 2014 Cyber Attacks Timeline
- List Of Hacked Celebrities Who Had (Nude) Photos Leaked
- 2014 Cyber Attacks Timeline Master Index
- A (Graphical) World of Botnets and Cyber Attacks
- 2013 Cyber Attacks Statistics (Summary)
- 2012 Cyber Attacks Statistics
- 2013 Cyber Attacks Statistics
- Next Generation Firewalls and Web Applications Firewall Q&A
- June 2014 Cyber Attacks Statistics
- 2013 Cyber Attacks Timeline Master Index
- @lastlineinc recognized by CRN as a 2014 Emerging Vendor | Business Wire businesswire.com/news/home/2014… - 1 day ago
- 1-15 July 2014 Cyber Attacks Timeline #Infosec #Cyberattacks wp.me/p14J6X-2D9 - 2 days ago
- @ckreibich same test worked with an @A10Networks SSL inspector: malicious files downloaded through an https connection perfectly detected! - 6 days ago
- RT @lastlineinc: 'Cloud malware analysis a must-have for advanced threat protection' @TechTarget bit.ly/W70Opa http://t.co/ji5qWtt… - 1 week ago
- RT @cedricpernet: We are proud to be the first french guys to release a white paper about an #APT group :) ow.ly/z2fzL #cybercri… - 1 week ago
- Chinese businessman charged with hacking Boeing, Lockheed Martin ars.to/1yayEY9 - 1 week ago
- RT @lastlineinc: 1st quarter '15 earnings call from @barracuda mentions @lastlineinc to power APT protection hubs.ly/q0Hmf0 http://… - 1 week ago
- June 2014 Cyber Attacks Statistics wp.me/p14J6X-2CJ - 2 weeks ago
- I had to change the June Cyber Attacks Timeline after the revelation the alleged hack to the Hedge Fund was not real: hackmageddon.com/2014/07/02/16-… - 2 weeks ago
- @claushoumann Thank you, I really appreciate your support! It's time consuming but I believe it's worthwhile! - 2 weeks ago