About these ads

Archive

Archive for the ‘Cyber Attacks Statistics’ Category

2013 Cyber Attacks Statistics (Summary)

January 19, 2014 4 comments

This post has been possible thanks to the contribution of @piz69, who kindly (and patiently) took care to aggregate the data for 2013!

Finally we can consolidate the data related to 2013 and draw some global stats summarizing the infosec landscape for the past year. Of course this data cannot absolutely pretend to be exhaustive, but rather we could define the charts  as macro-indicators of the threat landscape and the corresponding trend, since the sources of the timelines (from which the stats are derived) are open and therefore only show cyber attacks that were discovered and gained space in the news.

Before drilling down into the data for the past year, it’s worth to have a look to the trend of the last three years (with the caveat that data for 2011 are incomplete as it was consolidated into a form comparable with 2012 and 2013 only starting from September).

Apparently 2012 and 2013 have a very different shape: 2012 shows a constant trend (with a high activity between May and June), while, after an initial peak, the line for 2013 experiences a progressive decrease, reaching a stable state. This is probably due to the minor influence of attacks motivated by hacktivism throughout the year (see the next chart).

2011-2012-Summary

2011-2013 Data Trend (data for 2011 consolidated starting from September)

A closer look to 2013 allows to understand the influence of the motivations throughout the different months. The initial part of the year is characterized by hacktivism. Cyber Crime is quite constant and ends up dominating the second half. This trend does not mean a decrease of hacktivism, but rather a different connotation throughout the year: the global-scale operations executed by the Anonymous have progressively been replaced by local phenomena (for instance the cyber attacks in India and Pakistan). Also the first months of the year are influenced by the DDos attacks of Izz ad-Din al-Qassam Cyber Fighters against US Banks.

2013-Summary

2013 Attack Trend with the Drill-down of Motivations

Exploring the motivations shows a slight advantage of Cyber Crime (47%) over Hacktivism (44%), well above Cyber Espionage (5%) and Cyber Warfare (4%).

2013-Motivations

Motivations Behind Attacks (2013)

DDoS leads the chart of known Attack Techniques (23%) ahead of SQLi (19%) and Defacements (14%). It’s also worth to mention the rank number five achieved by Account Hijacking (with 9%) and the growing influence of Targeted Attacks ranking at number six with 6%.

2013-Attacks

Top 10 Attack Techniques (2013)

Governments and Industries have been the most preferred targets for Cyber Attackers with similar values (respectively 23% and 22%). Targets belonging to finance rank at number three (7%), immediately ahead of News (6%) and Education (5%).

2013-Targets

Top 10 Targets (2013)

And, last but not least, the Top 10 Countries chart is lead by US which suffered nearly 1 attack on 2, well ahead of UK (5%) and India (3%).

2013-Countries

Top 10 Countries (2013)

As usual, bear in mind that the sample must be taken very carefully since it refers only to discovered attacks, published in the news, and included in my timelines. The sample cannot be exhaustive but only aims to provide an high level overview of the “cyber landscape”.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012. You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

About these ads

December 2013 Cyber Attack Statistics

January 15, 2014 Leave a comment

It’s time for the statistics derived from the Cyber Attacks Timelines of December (Part I and Part II).

As a consolidated tradition, the first chart to be shown is the Daily Attack Trend, which shows quite a constant trend with two peaks just at the beginning and at the end of the month.

December 2013 Daily Attack Trend

The Country Distribution Chart is quite monotonous: as usual the United States lead the chart (with nearly one half of the recorded attacks), well above UK (at rank number two with 8%). The other countries are quite far this month…

December 2013 Country Distribution

The Motivations Behind Attacks chart shows a clear predominance of Cyber Crime (62%) against Hacktivism (34%), a sharp increase of the first in comparison with the previous month when the values were respectively 53% and 45%.

December 2013 Motivations

Well, 28.4% of attacks into the Distribution of Attack Techniques chart are without a known origin (a sharp increase in comparison to 23.1% of the previous month). Defacements plummeted at 18.9% in comparison to 29.7% of the previous month), while DDoSes are in slight increase with 17.9% (was 15.4 one month ago). It is also interested to notice the growth of SQLi, at 12.6% against 4.4% of November.

December 2013 Distribution

Last but not least, the Distribution of Target chart, where a change at rank number one happened. In practice industry and government targets swapped their positions (with similar values in comparison to the previous month). Financial targets close the podium, leaving behind the other categories.

December 2013 Targetspng

As usual, please bear in mind that the sample must be taken very carefully since it refers only to discovered attacks, published in the news, and included in my timelines. The sample cannot be exhaustive but only aims to provide an high level overview of the “cyber landscape”.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

Enhanced by Zemanta

November 2013 Cyber Attacks Statistics

December 8, 2013 Leave a comment

It’s time to summarize the Cyber Landscape of November, extracting the corresponding statistics from the two two timelines of November (part I and part II).

Let us begin with the Attack Trend. From this point of view November has been quite active and stable (despite some breaks in the trend).

Attack Trend November 2013

The attacks executed by Pakistani hackers against India and Indonesian hackers against Australia influence the Country Distribution Chart, which is led, as usual, by the US, well above these two countries.

Country Distribution November 2013

Cyber Crime leads the Motivations Behind Attacks chart (53%), even if the spread with hacktivism (45%) is much smaller in comparison with the previous month when the two were respectively at 63% and 33%. For the second consecutive month, apparently, I have recorded no operations related to Cyber Warfare.

Motivations November 2013

The Distribution of Attack Techniques Chart sees Defacement at number one for the third consecutive month with 29.7%. DDoS ranks at number three with 15.4%, more than five points above Account Hijacking, which ranks at number four with 9.9. SQLi is constantly decreasing and this month ranks at number six with 4.4%.

Attacks November 2013

The Distribution of Targets chart confirms governments at number one with 29.3% and industries at number two with 25%. What is also interesting to notice in this month is the presence into the chart of Bitcoin Wallets, an increasingly interesting prey for Cyber Criminals, at rank number seven with 3.3%. Entertainment and Software lead the drill-down chart for Industries, while Political Parties (quite obviously) lead the one for Organizations.

Targets November 2013

As usual, please bear in mind that the sample must be taken very carefully since it refers only to discovered attacks, published in the news, and included in my timelines. The sample cannot be exhaustive but only aims to provide an high level overview of the “cyber landscape”.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

October 2013 Cyber Attacks Statistics

November 17, 2013 1 comment

Time has come for the October 2013 Cyber Attacks Statistics. As usual they summarize in an analytic form the findings contained in the October 2013 Cyber Attacks timelines (part I and part II) and aim to provide a snapshot of the landscape related to Cyber Attacks reported in the news.

Let us begin with the Daily Trend of Attacks. The October graph shows quite a constant trend with two peaks around the 3 and (most of all) the 16.

October 2013 Trend

As usual, the US lead the Country Distribution Chart. India (4%) ranks at number two, a consequence of the continuous cyber attacks by Pakistani hackers, while Israel and UK (3%) are on an equal footing at the third place.

October 2013 Country Distribution

The Motivations Behind Attacks chart shows a clear predominance of Cyber Crime (63%), in net growth compared with the 44% of September. Hacktivism ranks at number two, and obviously in net decrease in comparison with 33% of the previous month. Apparently I have recorded no operations related to Cyber Warfare.

October 2013 Motivations

The Distribution of Attack Techniques confirms Defacement at number one with 27.2%. DNS Hijacking (9.8%) is for the first time in the podium at number three, while DDoS and SQLi, used to be steadily in the higher positions, are respectively at number four (8.7%) and five (7.6%), immediately ahead of Account Hijacking (5,4%) in net decrease in comparison with 20% of the previous month.

October 2013 Distribution Of Attack Techniques

Nothing surprising for the Distribution of Targets chart, which confirms governments at number one (23.9%), and industries at number two (16.3%). Targets belonging to Organizations complete the podium with 8.7%. Drilling down to industry fragmentation, software companies clearly lead the chart with 40%.

October 2013 Targets

As usual, please bear in mind that the sample must be taken very carefully since it refers only to discovered attacks, published in the news, and included in my timelines. The sample cannot be exhaustive but only aims to provide an high level overview of the “cyber landscape”.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

September 2013 Cyber Attacks Statistics

October 20, 2013 Leave a comment

Even if with a small delay, it is time for the Cyber Attacks Statistics derived from the Cyber Attacks Timelines of September (Part I and Part II).

As usual let us begin with the Daily Trend of Attacks chart. The chart shows a clear peak on September, 27th, due to a wave of attacks of the Anonymous against the Cambodian Government. In general, the number of attacks reported on the news had an increase in the second part of the month.

September 2013 Daily Trend

No surprisingly, US lead the Country Distribution chart. Also, it is worth to mention the second place of Cambodia, as a direct consequence of the wave of attacks carried on by the Anonymous collective. India is in the middle of a Cyber War against Pakistan and this explains his bronze medal just ahead of UK.

September 2013 Country Distribution

The Motivations Behind Attacks chart shows an unexpected overtake of Hacktivism on Cyber Crime. It’s also worth to mention the unusual level of attacks motivated by Cyber Espionage, jumped to a noticeable 10%: better countermeasures that allow to discover a growing number of sophisticated cyber attacks or a consequence of the marketing hype? In any case September has been particularly hard for Oil and Energy Sector that suffered several targeted campaigns.

September 2013 Motivations

The Distribution of Attack Techniques chart is completely unedited. Looks like hacktivists are shifting their preferences to other “unconventional weapons” such as Defacements and Account Hijackings. Maybe these techniques grant more visibility and less risks for the authors. Surprisingly for this month DDoS has fallen to 9% from 17.8% of the previous month. On the other hand targeted attacks are stable at 4%.

September 2013 Distribution

The Distribution of Targets chart confirms governments at number one, just ahead targets belonging to industry. Targets belong to Law Enforcements gained several positions in comparison with the previous month, raising at number three with 6%. Drilling down to industry fragmentation, financial services and E-Commerce lead the chart.

September 2013 Target Distribution

As usual, please bear in mind that the sample must be taken very carefully since it refers only to discovered attacks, published in the news, and included in my timelines. The sample cannot be exhaustive but only aims to provide an high level overview of the “cyber landscape”.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

Update to the Cyber Attacks Timelines and Statistics

September 25, 2013 Leave a comment

August 2013 CountriesI have updated the 2013 Cyber Attacks Timeline Master Index and the related Cyber Attacks Statistics. Now the two pages show all the data (and the related statistics) collected since January to August 2013. September data will be included once ready (hopefully in one week).

Enjoy your reading (and awareness)

August 2013 Cyber Attacks Statistics

September 7, 2013 Leave a comment

It’s time for the statistics derived from the Cyber Attacks Timelines of August (Part I and Part II).

As usual, it is important to point out that I cannot provide a comprehensive picture since I only take into consideration those events that, in my opinion, deserve to be taken into consideration. Nevertheless I believe this data can be useful to understand what’s going on.

Before starting, please let me thank @piz69 who gave me very useful suggestions to sort the data. I am not a big fan of Excel (and hence of its Pivot Tables), but I must confess they are very useful!

Let us begin with the Daily Trend of Attacks chart. The chart is dominated by the peak around the August, the 15th. A clear consequence of the mutual attacks between India and Pakistan in conjunction with their respective Independence Days.

August 2013 Daily Trend

US and UK confirm their top rank in the Country Distribution chart, with India that overtakes Pakistan, pushing it out of the podium. For sure the US are a willing prey for Cyber Criminals, but is also necessary to consider the influence of the Security Breach Notification Law, which grants a higher transparency. I wonder if EU countries will climb the rankings once the new Data Breach Notification Law will fully come into effect.

August 2013 Countries

Just like the previous month, Cyber Crime leads the Motivation Behind Attacks chart with approximately half of the attacks recorded. Hacktivism is stable at 35% while the growth of Cyber Warfare is related (once again) to the cyber skirmishes between India and Pakistan.

August 2013 Motivations

Apparently is getting harder and harder to track the real technique used to carry on the attacks (apparently nearly for one attack on four this was not possible). However, DDoS in on the spot again and leads the Distribution Of Attack Techniques chart for the known cases. The Syrian Electronic Army traced the line, so the influence of Account Hijacking is becoming more and more evident month after month. Instead the fall of SQLi keeps on. Apparently this technique is constantly loosing points (but I wonder how many of the “unknowns” were effectively related to SQLi.

August 2013 Techniques

And just for a change, once again, Governmental targets lead the Distribution of Target chart with nearly 26%. Industry ranks at number two, while single individuals (victims essentially of account hijackings) rank at number three.  It is interestig to notice, among the organizations victims of Cyber Attacks, the predominance of targets related to Political Parties, a consequence of the social protests exploding all over the world in these troubled days.

August 2013 Targets

As usual, please bear in mind that the sample must be taken very carefully since it refers only to discovered attacks included in my timelines. The sample does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

 

July 2013 Cyber Attacks Statistics

August 11, 2013 Leave a comment

It’s time for the Statistics related to the Cyber Attacks reported in the July 2013 Timelines (Part I and Part II).

You will find a (hopefully) welcome novelty from this month: as a matter of fact starting from July I begun to record the nationality of the targeted companies (not the domains), so the corresponding data will be reported in the statistics accordingly.

Let us begin with the Daily Trend of Attacks chart. Here the Summer shows its effects showing a constantly decreasing shape after the peak occurred the 15th.

July 2013 Trend

And here it comes the innovation. Easy Predictable US (well above the others) and UK lead the Country Distribution Chart, but even Pakistan is not that bad! The other countries are aligned at approximately the same levels. US and UK collected together the 45% of the attacks reported in the timelines.

Country Jul 2013

Just like the previous month, Cyber Crime leads the Motivation Behind Attacks chart. The levels are similar to the ones of the previous month with a light drop from 62% in June to 57% in the current month. On the other hand, unlike the past years, this summer seems quite problematic for the hacktivists, also due to the recent sentencing.

Motivations Jul 2013

It is true, this July has brought many innovations, and for the first time Defacements lead the Distribution Of Attack Techniques Chart. Also the account Hijackings are becoming very popular. For the first time (as far as I remember) SQLi and DDoS are out from the first three ranks, even if there is a meaningful amount of attacks for which it has not been possible to derive the used technique based on the available information. Kindly remind that I take defacements into consideration only when they are meaningful, that is targeting Governmental primary domains or high profile targets, or also when they cause the leaking of data.

Attack Techniques

Last but not least, Governmental targets lead the Distribution of Target chart with 29%. Industry ranks at number two, quite close (only three points far). The two categories swapped their places in comparison with the previous month. It is also interesting to notice the third position of single individuals, a consequence of the multiple attacks against Twitter accounts.

Industry Jul 2013

As usual, please bear in mind that the sample must be taken very carefully since it refers only to discovered attacks included in my timelines. The sample does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

June 2013 Cyber Attacks Statistics

Here we are with the statistics for the cyber attacks included in the June 2013 timelines (part I and part II). A priori this month should have been characterized by huge operations (such as the infamous OpPetrol), instead, all in all, the cyber activity was quite moderated as shown by the Daily Trend of Attack chart, that shows a single remarkable peak around the 3rd of July (when several primary DNS providers were the victims of DDoS attacks).

Trend June 2013

The Motivations Behind Attacks chart shows an evident predominance of Cyber Crime (with 62% of the occurrences). Please keep in mind that the stats cannot take into considerations all the attacks made under the umbrella of the so-called OpPetrol, since many attacks were considered fake or even old dumps “recycled” for this occasion. Without these attacks, hacktivism ranks at number two, well below, with the 26% of occurrences. It is also interesting the growing weight of cyber-espionage, with an 8% substantially in line with the 9% of the previous month.

Motivations June 2013

The Distribution of Attack Techniques chart is substantially in line with the previous month: SQLi leads the chart with nearly one third of the known occurrences, while DDoS ranks at number three with nearly 15%. A factor particular interesting in this chart is the growing influence of targeted attacks (11.1%) at the third rank among the known attacks, and fourth rank in general since in many cases (18.5%) it was not possible to detect the attack technique used.

Distribution June 2013

The Distribution of Target chart confirms the industry sector on top of the unwelcome attentions of the cybercrooks, immediately followed by governmental targets and essentially in line with the previous month. The news sector ranks at number three, immediately before Internet Services (as a consequence of the uncommon number of attacks reported against DNS Providers).

Target

As usual, please bear in mind that the sample must be taken very carefully since it refers only to discovered attacks included in my timelines. The sample does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

January-May 2013 Cyber Attacks Statistics

I still must complete the Cyber Attacks Timeline for June 2013, but at least I found the time to collate all the stats created thus far (up to May). They are available at this link so feel free to have a look.

Actually nearly 20 days ago I wrote:

I still miss to complete the 2013 section for the statistics, but is only a matter of few hours.

I just realized did not specify which calendar I was using! Ok, just stay tuned for the next timeline (and keep on sharing!).

Permalink of the Cyber Attacks Statistics page:

http://hackmageddon.com/2013-cyber-attacks-statistics/

Follow

Get every new post delivered to your Inbox.

Join 2,705 other followers