About these ads

Archive

Posts Tagged ‘Statistics’

September 2014 Cyber Attacks Statistics

October 13, 2014 Leave a comment

I have finally found the time to aggregate the data of September (Part I and Part II) into statistics.

As usual, let us start with the analysis of the Daily Trend of Attacks, which shows quite an heterogeneous trend with two peaks exactly at the beginning of the month and in the middle (yes, curiously during a weekend).

Daily Trend of Attacks

The Motivations Behind Attacks chart sees an unprecedented peak of Cyber Crime events. Still at number one, a constant trend during the last months, but with a remarkable 70.8% (versus 56.3% of August). The trail of POS Malware, the Shellshock vulnerability, and other minor events, certainly left a noticeable. As usual, Hacktivism ranks at number two, far below, with a “modest” 18.1% (was 28.2% in August), while  Cyber Espionage operations confirm a relatively important role (11.1%), despite slightly decreasing in comparison with 14.1% of the previous month.

Motivations Sep 2014

The most noticeable aspect of the Distribution Of Attack Techniques is the surge of SQLi attacks (at number one among the “recognized” attacks with 15.3%, versus 9.9% of August). Defacements follow closely with 11.1%. The third rank is all for the Account Hijacking thanks to “The Fappening” affair.

Attacks Sep 2014

Cyber Crime is on top of the Motivations, and as a consequence Industrial targets are on top of the Distribution of Targets Chart with a noticeable 40.3%, far beyond Governmental targets that, at last for this month, loose the crown (16.7%). The others are well behind, with the attacks towards single individuals (11.3%), which occupy steadily the third place.

Targets Sep 2014

A deeper look at the distribution of the industrial targets, shows a predominance of Software and Video Games targets (14% each). E-Commerce and Retail targets are immediately behind (10% each), sharing their position with Touristic targets, and immediately above Oil and Gas (7%).

Industry Drill Down Sep 2014Organizations Sep 2014

Once again, please bear in mind that the sample must be taken very carefully since it refers only to discovered attacks included in my timelines. The sample does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”, or at least of the ones that gained space in the media (yes, using an abused expression this is just the tip of the Iceberg).

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics.

Of course follow @paulsparrows on Twitter for the latest updates, and feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

About these ads

August 2014 Cyber Attacks Statistics

September 8, 2014 1 comment

It’s time to aggregate the stats of the August Cyber Attacks Timelines (Part I and Part II).

As usual, let us start from the Daily Trend of Attacks, which shows quite a heterogeneous trend with two peaks around the 18 and 21 August. Despite the summer, the overall level of attacks has been quite high throughout the month.

Daily Trends of Attacks August 2014

The Motivations Behind Attacks chart confirms Cyber Crime at number one, substantially in line with the previous month (56.3%). Hacktivism ranks at number two with 28.2% (was 23% in July), while the Cyber Espionage operations keep on occupying an important role. Even if the  reported 14.1% shows a decrease compared with the 18% of July, the value is similarly noticeable. A sign that the influence of targeted attacks in the news is still strong (in wake of the multiple attacks caused by financial malware).

Motivations Behind Attacks 2014

The Distribution Of Attack Techniques reveals an unprecedented 18.2% of targeted attacks, allowing this category to attain a deserved first place (shared with the category of unknown attacks). Defacement is immediately after (15.2%), while the other categories are further behind. It is also interesting to notice the decrease of DDoS and SQLi.

Attack Techniques August 2014

Governmental targets are back on top of the Distribution of Targets Chart with 29.6%, slightly ahead of industrial targets at number two with 28.2%. The others are well behind, with the partial exception of attacks towards single individuals (11.3%), nearly as much as twice of those against news and education targets (5.6%).

Distribution of Targets August 2014

A deeper look at the distribution of the industrial targets, shows a predominance of E-Commerce sites (20%, again an effect of the financial malware outbreak) and Restaurants (15%). The others follow with less than 10%. On the other hand, there is not so much to mention for organizations, few cases, mostly concerning non-profits.

Industry Drill Down August 2014Organizations Drill Down August 2014

Once again, please bear in mind that the sample must be taken very carefully since it refers only to discovered attacks included in my timelines. The sample does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”, or at least of the ones that gained space in the media (yes, using an abused expression this is just the tip of the Iceberg).

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics.

Of course follow @paulsparrows on Twitter for the latest updates, and feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

July 2014 Cyber Attacks Statistics

August 11, 2014 Leave a comment

It’s time to aggregate the data of the timelines of July (Part II and Part II) into (hopefully) meaning stats.

Before drilling down into the numbers, a recommendation is necessary: I will never give up repeating that these stats are necessarily an approximation since the sample is very heterogeneous, and just like all approximations they could leave some shadow zones. An example for this month is represented by the tide of cyber attacks under the umbrella of #OpSaveGaza. I am not interested to enumerate all the single attacks (also because it would be virtually impossible), so this operation appears like a single entry in the stats. Of course you have any suggestion to cope with such similar situations, they are absolutely more than welcome.

So, after this tedious, but necessary introduction, let’s rock with the data.

The Daily Trend of Attacks shows quite a fragmented trend with a peak towards the end of the month. It is interesting to notice the general break during weekends. This probably depends on the collection methodology: when possible, if the information is known, I try to insert the date when the attack really happened, but in several cases this information is not available, so the reported date is the one when the attack was initially published in the news, which obviously happens less likely during weekends.

Daily Trend of Attacks July 2014

The Motivations Behind Attacks chart confirms Cyber Crime at number one with 59% of occurrences (a slight decrease compared to 65% of June). The staggering news is the resounding 18% of Cyber Espionage, confirmed the growing coverage for Targeted Attacks (they are almost always related to Cyber Espionage). Hacktivism is substantially stable at 23%, was 24% previous month).

Motivations July 2014

But the surprises continue! The Distribution Of Attack Techniques reveals an unprecedented 18.2% of targeted attacks, allowing this category to attain a deserved first place (shared with the category of unknown attacks). Defacement is immediately after (15.2%), while the other categories are further behind. It is also interesting to notice the decrease of DDoS and SQLi.

Techniques July 2014

Confirming the trend of the last months, Industry leads the Distribution of Targets Chart with 30.3%. Governmental targets rank at number two, 16.7%, well ahead of Organizations at number three with 16.7%. Values substantially in line with the ones of June.

Targets July 2014

A detailed analysis of Industrial targets shows a predominance of targets belonging to E-Commerce, Tourism and Restaurant. While Non-Profit entities lead the corresponding chart for organizations.

Industry Drilldown 2014Org Drilldown July 2014

As I mentioned before and always repeat, please bear in mind that the sample must be taken very carefully since it refers only to discovered attacks included in my timelines. The sample does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”, or at least of the ones that gained space in the media (yes, using an abused expression this is just the tip of the Iceberg).

Additionally, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics.

Of course follow @paulsparrows on Twitter for the latest updates, and feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

June 2014 Cyber Attacks Statistics

It’s time to aggregate the Cyber Attacks Timelines of June (Part I and Part II) into statistics.

So, as usual, let’s start with the Daily Trend of Attacks chart, which shows quite an irregular trend with a sharp peak on the 11th.

Daily Attack Trend June 2014

The Motivations Behind Attacks chart confirms once again Cyber Crime at number one with 65% of occurrences. Overall the values are almost specular to the previous month. Particularly meaningful is the 11% of operations motivated by Cyber Espionage.

Motivations June 2014

The Distribution Of Attack Techniques chart shows a 27.4% of unknown attacks, a result in line with the previous month when this value was 26%. The rise of DDoS is another interesting aspects (this technique is increasingly used to blackmail victims), as also the 9.7% of targeted attacks, a relatively high value for this class, and, again, in line with the previous month.

Techniques June 2014

Once again, Industry leads the Distribution of Targets Chart with 35.5%. Governmental targets rank at number two, close to 20%, well ahead of Organizations at number three with a modest 6.5%.

Targets June 2014

Drilling down the Distribution of targets belonging to industry, shows quite an heterogeneous landscape. Software industries lead the chart with 22.7%, followed by Restaurants (??) with 13.6% and Financial Services (9.1%). All the other categories are well behind with a “flat” 4.5% each.

Industry Drill Down Jun 2014

As usual, please bear in mind that the sample must be taken very carefully since it refers only to discovered attacks included in my timelines. The sample does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”, or at least of the ones that gained space in the media (yes, using an abused expression this is just the tip of the Iceberg).

Additionally, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics.

Of course follow @paulsparrows on Twitter for the latest updates, and feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

May 2014 Cyber Attack Statistics

Update on 19/06/2013: I had to update the graph since, in compiling the first timeline of June, I discovered two attacks that apparently fell off my radar: the DDoS attacks to Moz and Plenty of Fish.

I found the time to aggregate the timelines of May (part I and part II) to derive some interesting stats. As a general rule, since many readers often pose the same questions, all the stats are derived from the Cyber Attacks Timelines I publish (almost) bi-weekly.

As I noticed previously in these pages, looks like attackers are just waiting for the Summer, since the number of events in May has experienced a sensible decreease.

The Daily Trend Of Attacks chart shows quite a linear trend with two small peaks around the 15 and 30 May. Overall the activity appears quite limited.

Trend May 2014

Cyber Crime rocks! This is the outcome of the Distribution of Attacks chart, showing a 67% of attacks carried on for criminal purposes. Particularly interesting is also the 11% of reported attacks related to Cyber Espionage.

Motivations May 2014

And in (too) many cases the reason of the attacks is unknown. At least this is what the Distribution of Attack Techniques chart states. Other interesting findings include the rise of Account Hijackings and the noticeable 9% of Targeted Attack (an high incidence this month, undoubtedly related to the similar high incidence of Cyber Espionage).

Techniques May 2014

And last but not least, the Distribution of Targets chart shows a predominance of attacks against Industry (41%), twice the occurrences related to Governmental targets (20%). Targets belonging to Educational institutions rank at number three with “only” the 9%.

Distribution May 2014

Drilling down the Industrial targets provides further interesting findings. Cyber Crime rules and, maybe not a coincidence, targets related to E-Commerce rank at number one (after all this was the month of the Ebay breach) together with software industries (18.2% both). Entertainment rank at number three with 13.6% each.

Industry May 2014

As usual, please bear in mind that the sample must be taken very carefully since it refers only to discovered attacks included in my timelines. The sample does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”, or at least of the ones that gained space in the media (yes, using an abused expression this is just the tip of the Iceberg).

Of course follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

4 Years of Cyber Attacks

I would like to thank once again ISMS Forum Spain for having invited me at their XV Jornada Internacional de ISMS Forum: La Sociedad Digital, entre Confianza y Ciber-riesgos.

I was part of a very interesting panel “Fighting Cyber Threats” during which I was given the opportunity to show some stats collected from my blog.

Here’ s the presentation I showed. Hope it is useful to spread awareness.

Please read carefully the caveats. As always the data cannot be exhaustive, nevertheless they are useful to provide an overview of what’s going on!

Jan-Apr 2014 Cyber Attacks Statistics

I have been quite busy in the last few months, so, unfortunately, I was not able to keep the pace with the statistics derived from my Cyber Attacks Timelines. However, thanks to the ISMS Forum Spain (Asociación Española para el Fomento de la Seguridad de la Información), I have been invited to take part at the XV Jornada Internacional de ISMS Forum: La Sociedad Digital, entre Confianza y Ciber-riesgos (to be held on May, the 28th in Madrid).

Taking advantage of this awesome opportunity, I have been able to reorganize the data collected so far for the events recorded in 2014.

What I show below, is a synthesis of this work. Further information will be presented in Madrid, and later in my blog. Meanwhile, I hope the information provided will satisfy the readers who kindly asked for an update of the stats.

Let us start with the Daily Attack Trend Chart.

Daily Attack Trend Jan-Apr 2014

Needless to say, the crooks have started this infosec year with the brakes on. Apart from few noticeable examples (for instance the peak on the 20th of April due to the NullCrew collective), the activity is quite low in comparison with the past years (again a full analysis will be shown in Madrid).

Drilling down the Daily Attack Trend:

Daily Attack Trend Drill Down Jan-Apr 2014

Shows a constant ‘bias’ of events related to Cyber Crime with some isolated peaks of Hacktivism. This is also evident from the Motivations Behind Attacks Chart.

Motivations Jan-Apr2014

Here the Cyber Crime dominates the chart, accounting for the 61% of the total events. Nearly twice more than Hactkivism, stuck to a ‘modest’ 31%. On the other hand Cyber Espionage and Cyber Warfare are quite stable at the values of 2013 when they were respectively at the 5% and 4% (but do not get carried away, the end of the year is far away and there is time to change along the way).

And the fall of Hacktivism finds another indirect confirm in the Distribution of Attack Techniques Chart:

Attack Techniques Jan-Apr2014Apparently fewer and fewer information is disclosed, so nearly one fifth of the recorded attacks if of uncertain origin. However both DDoS and SQLi confirmed the decreasing trend. On the other hand Account Hijacking maintains its growing trend (was 9% in 2013).

Last but not least, the Distribution of Targets chart:Targets Jan-Apr2014Targets belonging to industry rank at number one with the nearly 30% of occurrences, well ahead of governmental targets (at number two with nearly 19%) and organizations (at number three with nearly 12%). The others are behind (luckily for them).

Well, that’s all folks… At least so far… As I said before further data will follow…

As usual, please bear in mind that the sample must be taken very carefully since it refers only to discovered attacks, published in the news, and included in my timelines. The sample cannot be exhaustive but only aims to provide an high level overview of the “cyber landscape”.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

Enhanced by Zemanta
Follow

Get every new post delivered to your Inbox.

Join 3,088 other followers