About these ads

Archive

Posts Tagged ‘Statistics’

November 2014 Cyber Attacks Statistics

December 8, 2014 Leave a comment

CountryIt’s time for the statistics derived from the Cyber Attacks Timelines of November (Part I and Part II).

Let us begin with the Country Distribution chart that, easy predictable, shows the US on top of all categories. However, globally, even Italy, Canada and UK show up, respectively for Hacktivism (the first two countries) and Cyber Crime (the latter).

The Daily Trend of Attacks chart shows a moderate activity with a peak on the 10th, and a plateau between the 13th and 14th. Despite the 5th of November is a day felt by Hacktivists, no noticeable operations have been recorded this year.

November 2014 Daily Trend

Once again Cyber Crime leads the Motivations Behind Attacks chart with 55.8% substantially in line with the previous month (was around 60%). Hacktivism ranks at number two with 28.6%, a remarkable increase compared to 13.8% of October. Whereas Cyber Espionage remains quite high (13%, despite in decrease compared to the record value of 17.2% recorded in October.

November 2014 Motivations

Defacements lead the Attack Techniques chart with 20.8% (among the known attacks). SQLi ranks at number two with 13.0% very close to DDoS, at number three with 11.7% (a consequence of the hacktivism driven hacking spree recorded in November). Targeted attacks rank at number four with 10.4%, still quite an important value, even if in decrease compared to 13.8% of October.

November 2014 Techniques

For the third month in a row, industry ranks on top of the Distribution of Targets chart (28.6%, nearly identical to October when it was 28.7%). As always governmental targets rank at number two (23.4%). While organizations are back at number three (14.3%).

November 2014 Targets

Again, targets belonging to E-Commerce rank on top of the Industry Dill Drown chart, while political organizations lead the Organization Drill Down chart.

Industry Drill Down November 2014Org Drill Down November 2014

As usual, the sample must be taken very carefully since it refers only to discovered attacks included in my timelines. The sample does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”, or at least of the ones that gained space in the media (yes, using an abused expression this is just the tip of the Iceberg).

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics.

Of course follow @paulsparrows on Twitter for the latest updates, and feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

October 2014 Cyber Attacks Statistics

November 10, 2014 Leave a comment

CountriesHere we are with the statistics extracted from the October cyber attacks timelines (part I and part II).

I have already stressed this concept many times, but some readers keep on asking where the data is scraped from. The answer is simple and always the same: I compile the timelines each month, quoting the sources in the footnotes. Each month I elaborate the data trying to represent them in charts, which of course cannot be exhaustive, but just give an idea of what’s going on in the cyberspace.

That said, this month I added again an old acquaintance: the graph related to the Country Distribution of attacks divided into categories: of course US rank of top, except for Cyber Espionage operations, which privilege multiple countries.

Instead, the Trend of Attacks chart shows an overall high level of activity throughout the month, with a prominent peak around the 9th, corresponding to the spree of attacks between India and Pakistan.

Daily Trend Of Attacks

As usual Cyber Crime leads the Motivations Behind Attacks chart with nearly 60% (10 points below the previous month, but always at a remarkable level). Cyber Espionage jumps at number two with a new record (17.2%). Hacktivism ranks at number three with a “modest” 13.8%. You will notice also a small presence of attacks related to Cyber War (9.2%). I decided to classify in this group the events behind India and Pakistan and an alleged (unconfirmed) attack to the Warsaw Stock Exchange, for which an hacker affiliated to IS claimed responsibility.

Distribution Oct 2014

And for the first time after so many months, SQL Injection leads the Attack Techniques chart with 18.4%. Particularly important is also the 13.8% of targeted attacks, which steadily places this category at the third place. On the opposite site, the number of DDoS attacks is constantly decreasing, and this explains its “miserable” 3.4%. I do not remember such a low level for this category.

Attack Techniques Oct 2014

Again, for the second month in a row, industry ranks on top of the Distribution of Targets Chart (28.7%), nearly 7 points ahead of governmental targets (21.8%). Attacks against single individuals are the new entry at number three (10.3%), slightly ahead of organizations (9.2%).

Targets Oct 2014

A deeper look at the distribution of the industrial targets, shows a predominance of E-Commerce (24%), while, as it often happens, political parties lead the chart of the Organizations.

Industry Distribution Oct 2014Organization Distribution Oct 2014

As usual, the sample must be taken very carefully since it refers only to discovered attacks included in my timelines. The sample does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”, or at least of the ones that gained space in the media (yes, using an abused expression this is just the tip of the Iceberg).

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics.

Of course follow @paulsparrows on Twitter for the latest updates, and feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

About these ads

September 2014 Cyber Attacks Statistics

October 13, 2014 Leave a comment

I have finally found the time to aggregate the data of September (Part I and Part II) into statistics.

As usual, let us start with the analysis of the Daily Trend of Attacks, which shows quite an heterogeneous trend with two peaks exactly at the beginning of the month and in the middle (yes, curiously during a weekend).

Daily Trend of Attacks

The Motivations Behind Attacks chart sees an unprecedented peak of Cyber Crime events. Still at number one, a constant trend during the last months, but with a remarkable 70.8% (versus 56.3% of August). The trail of POS Malware, the Shellshock vulnerability, and other minor events, certainly left a noticeable. As usual, Hacktivism ranks at number two, far below, with a “modest” 18.1% (was 28.2% in August), while  Cyber Espionage operations confirm a relatively important role (11.1%), despite slightly decreasing in comparison with 14.1% of the previous month.

Motivations Sep 2014

The most noticeable aspect of the Distribution Of Attack Techniques is the surge of SQLi attacks (at number one among the “recognized” attacks with 15.3%, versus 9.9% of August). Defacements follow closely with 11.1%. The third rank is all for the Account Hijacking thanks to “The Fappening” affair.

Attacks Sep 2014

Cyber Crime is on top of the Motivations, and as a consequence Industrial targets are on top of the Distribution of Targets Chart with a noticeable 40.3%, far beyond Governmental targets that, at last for this month, loose the crown (16.7%). The others are well behind, with the attacks towards single individuals (11.3%), which occupy steadily the third place.

Targets Sep 2014

A deeper look at the distribution of the industrial targets, shows a predominance of Software and Video Games targets (14% each). E-Commerce and Retail targets are immediately behind (10% each), sharing their position with Touristic targets, and immediately above Oil and Gas (7%).

Industry Drill Down Sep 2014Organizations Sep 2014

Once again, please bear in mind that the sample must be taken very carefully since it refers only to discovered attacks included in my timelines. The sample does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”, or at least of the ones that gained space in the media (yes, using an abused expression this is just the tip of the Iceberg).

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics.

Of course follow @paulsparrows on Twitter for the latest updates, and feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

August 2014 Cyber Attacks Statistics

September 8, 2014 1 comment

It’s time to aggregate the stats of the August Cyber Attacks Timelines (Part I and Part II).

As usual, let us start from the Daily Trend of Attacks, which shows quite a heterogeneous trend with two peaks around the 18 and 21 August. Despite the summer, the overall level of attacks has been quite high throughout the month.

Daily Trends of Attacks August 2014

The Motivations Behind Attacks chart confirms Cyber Crime at number one, substantially in line with the previous month (56.3%). Hacktivism ranks at number two with 28.2% (was 23% in July), while the Cyber Espionage operations keep on occupying an important role. Even if the  reported 14.1% shows a decrease compared with the 18% of July, the value is similarly noticeable. A sign that the influence of targeted attacks in the news is still strong (in wake of the multiple attacks caused by financial malware).

Motivations Behind Attacks 2014

The Distribution Of Attack Techniques reveals an unprecedented 18.2% of targeted attacks, allowing this category to attain a deserved first place (shared with the category of unknown attacks). Defacement is immediately after (15.2%), while the other categories are further behind. It is also interesting to notice the decrease of DDoS and SQLi.

Attack Techniques August 2014

Governmental targets are back on top of the Distribution of Targets Chart with 29.6%, slightly ahead of industrial targets at number two with 28.2%. The others are well behind, with the partial exception of attacks towards single individuals (11.3%), nearly as much as twice of those against news and education targets (5.6%).

Distribution of Targets August 2014

A deeper look at the distribution of the industrial targets, shows a predominance of E-Commerce sites (20%, again an effect of the financial malware outbreak) and Restaurants (15%). The others follow with less than 10%. On the other hand, there is not so much to mention for organizations, few cases, mostly concerning non-profits.

Industry Drill Down August 2014Organizations Drill Down August 2014

Once again, please bear in mind that the sample must be taken very carefully since it refers only to discovered attacks included in my timelines. The sample does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”, or at least of the ones that gained space in the media (yes, using an abused expression this is just the tip of the Iceberg).

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics.

Of course follow @paulsparrows on Twitter for the latest updates, and feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

July 2014 Cyber Attacks Statistics

August 11, 2014 Leave a comment

It’s time to aggregate the data of the timelines of July (Part II and Part II) into (hopefully) meaning stats.

Before drilling down into the numbers, a recommendation is necessary: I will never give up repeating that these stats are necessarily an approximation since the sample is very heterogeneous, and just like all approximations they could leave some shadow zones. An example for this month is represented by the tide of cyber attacks under the umbrella of #OpSaveGaza. I am not interested to enumerate all the single attacks (also because it would be virtually impossible), so this operation appears like a single entry in the stats. Of course you have any suggestion to cope with such similar situations, they are absolutely more than welcome.

So, after this tedious, but necessary introduction, let’s rock with the data.

The Daily Trend of Attacks shows quite a fragmented trend with a peak towards the end of the month. It is interesting to notice the general break during weekends. This probably depends on the collection methodology: when possible, if the information is known, I try to insert the date when the attack really happened, but in several cases this information is not available, so the reported date is the one when the attack was initially published in the news, which obviously happens less likely during weekends.

Daily Trend of Attacks July 2014

The Motivations Behind Attacks chart confirms Cyber Crime at number one with 59% of occurrences (a slight decrease compared to 65% of June). The staggering news is the resounding 18% of Cyber Espionage, confirmed the growing coverage for Targeted Attacks (they are almost always related to Cyber Espionage). Hacktivism is substantially stable at 23%, was 24% previous month).

Motivations July 2014

But the surprises continue! The Distribution Of Attack Techniques reveals an unprecedented 18.2% of targeted attacks, allowing this category to attain a deserved first place (shared with the category of unknown attacks). Defacement is immediately after (15.2%), while the other categories are further behind. It is also interesting to notice the decrease of DDoS and SQLi.

Techniques July 2014

Confirming the trend of the last months, Industry leads the Distribution of Targets Chart with 30.3%. Governmental targets rank at number two, 16.7%, well ahead of Organizations at number three with 16.7%. Values substantially in line with the ones of June.

Targets July 2014

A detailed analysis of Industrial targets shows a predominance of targets belonging to E-Commerce, Tourism and Restaurant. While Non-Profit entities lead the corresponding chart for organizations.

Industry Drilldown 2014Org Drilldown July 2014

As I mentioned before and always repeat, please bear in mind that the sample must be taken very carefully since it refers only to discovered attacks included in my timelines. The sample does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”, or at least of the ones that gained space in the media (yes, using an abused expression this is just the tip of the Iceberg).

Additionally, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics.

Of course follow @paulsparrows on Twitter for the latest updates, and feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

June 2014 Cyber Attacks Statistics

It’s time to aggregate the Cyber Attacks Timelines of June (Part I and Part II) into statistics.

So, as usual, let’s start with the Daily Trend of Attacks chart, which shows quite an irregular trend with a sharp peak on the 11th.

Daily Attack Trend June 2014

The Motivations Behind Attacks chart confirms once again Cyber Crime at number one with 65% of occurrences. Overall the values are almost specular to the previous month. Particularly meaningful is the 11% of operations motivated by Cyber Espionage.

Motivations June 2014

The Distribution Of Attack Techniques chart shows a 27.4% of unknown attacks, a result in line with the previous month when this value was 26%. The rise of DDoS is another interesting aspects (this technique is increasingly used to blackmail victims), as also the 9.7% of targeted attacks, a relatively high value for this class, and, again, in line with the previous month.

Techniques June 2014

Once again, Industry leads the Distribution of Targets Chart with 35.5%. Governmental targets rank at number two, close to 20%, well ahead of Organizations at number three with a modest 6.5%.

Targets June 2014

Drilling down the Distribution of targets belonging to industry, shows quite an heterogeneous landscape. Software industries lead the chart with 22.7%, followed by Restaurants (??) with 13.6% and Financial Services (9.1%). All the other categories are well behind with a “flat” 4.5% each.

Industry Drill Down Jun 2014

As usual, please bear in mind that the sample must be taken very carefully since it refers only to discovered attacks included in my timelines. The sample does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”, or at least of the ones that gained space in the media (yes, using an abused expression this is just the tip of the Iceberg).

Additionally, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics.

Of course follow @paulsparrows on Twitter for the latest updates, and feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

May 2014 Cyber Attack Statistics

Update on 19/06/2013: I had to update the graph since, in compiling the first timeline of June, I discovered two attacks that apparently fell off my radar: the DDoS attacks to Moz and Plenty of Fish.

I found the time to aggregate the timelines of May (part I and part II) to derive some interesting stats. As a general rule, since many readers often pose the same questions, all the stats are derived from the Cyber Attacks Timelines I publish (almost) bi-weekly.

As I noticed previously in these pages, looks like attackers are just waiting for the Summer, since the number of events in May has experienced a sensible decreease.

The Daily Trend Of Attacks chart shows quite a linear trend with two small peaks around the 15 and 30 May. Overall the activity appears quite limited.

Trend May 2014

Cyber Crime rocks! This is the outcome of the Distribution of Attacks chart, showing a 67% of attacks carried on for criminal purposes. Particularly interesting is also the 11% of reported attacks related to Cyber Espionage.

Motivations May 2014

And in (too) many cases the reason of the attacks is unknown. At least this is what the Distribution of Attack Techniques chart states. Other interesting findings include the rise of Account Hijackings and the noticeable 9% of Targeted Attack (an high incidence this month, undoubtedly related to the similar high incidence of Cyber Espionage).

Techniques May 2014

And last but not least, the Distribution of Targets chart shows a predominance of attacks against Industry (41%), twice the occurrences related to Governmental targets (20%). Targets belonging to Educational institutions rank at number three with “only” the 9%.

Distribution May 2014

Drilling down the Industrial targets provides further interesting findings. Cyber Crime rules and, maybe not a coincidence, targets related to E-Commerce rank at number one (after all this was the month of the Ebay breach) together with software industries (18.2% both). Entertainment rank at number three with 13.6% each.

Industry May 2014

As usual, please bear in mind that the sample must be taken very carefully since it refers only to discovered attacks included in my timelines. The sample does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”, or at least of the ones that gained space in the media (yes, using an abused expression this is just the tip of the Iceberg).

Of course follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

Follow

Get every new post delivered to your Inbox.

Join 3,198 other followers