As I do every month (unfortunately with a constantly growing delay, here are the statistics extracted from the cyber attacks timelines for April 2013.
As usual, let us begin with the Daily Trend Chart. The peak of April the 2nd seems to be quite an exception for a quiet month, showing a constant trend, except for the decrease towards the end.
Similarly to March, the Motivations Behind Attacks Chart confirms the predominance, inside the sample, of the attacks motivated by hacktivism, leading the chart with 56% (was 50% during the previous month).
And, again, similarly to March, DDoS leads the Distribution of Attack Techniques Chart with nearly 35%. SQLi ranks at number three with nearly the same value than the previous month (13.5%). It is worth to mention the rise of the cases of account hijacking, on the rise of the attacks carried on by the Syrian Electronic Army.
Again, the wave of DDoS attacks affects the Distribution Of Targets Chart, lead by Financial Targets with 32%, twice as much as the industrial sector, ranking at the second place with nearly 15%. Apparently the attention against the governmental targets is decreasing, as a result, they rank at number three with 10.7%.
As usual, please bear in mind that the sample must be taken very carefully since it refers only to discovered attacks included in my timelines. The sample does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”.
If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.
Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).
I have aggregated the data collected related to cyber attacks occurred in April 2012 (that you may find in the links on the right) in order to provide a consolidated view for the month. The statistics have been taken according to three parameters: Motivations Behind Attacks, Distribution of Targets and Distribution of Attack Techniques. Of course the information does not pretend to be exhaustive, in any case it is useful to provide a snapshot on the cyber landscape of the last month.
As far as the Motivations Behind Attacks are concerned, Cyber Crime ranks undoubtedly at number one with the 51% of the occurrences. Hacktivism is at number two with “only” the 39% of the occurrences. Other motivations such as Cyber Warfare or Cyber Espionage are far behind with respectively the 7 and 2 percent. This is not a surprise since attacks motivated by Cyber Espionage should be supposed to be subtle and hidden and this explains their rank (unlike the attacks motivated by hacktivism that use to attract the greatest attention by media).
As far as the Distribution Of Targets is concerned, Governements keep on to be preferred targets, with nearly one third of the occurrences. Law Enforcement Agencies rank at number two with 9% immediately followed by Educational Institutions with 7%. Online Platforms such as Online Games or other kind of platforms (such as email services) are behind with the 6% of occurrences for both of them. Of course the high position for governments and LEAs is quite simple to explain: both categories are the preferred targets for hactkivists.
A month characterized by Distributed Denial of Service, at least according to the Distribution of Attack Techniques chart. SQL Injection ranks at number two, immediately followed by Defacement. If we sum up also the indirect occurrences of SQLi (that is those cases whose symptoms seem the ones proper of SQLi but no direct evidences were found) the distribution of the two techniques is nearly the same (respectively 29% for DDoS and 27% for SQLi). Of course DDoS is the preferedd cyber weapon for hacktivists and this explain its dominion on this unwelcomed chart.
If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 (regularly updated), and follow @paulsparrows on Twitter for the latest updates.