Archive

Posts Tagged ‘Statistics’

March 2015 Cyber Attacks Statistics

Country DistributionIt’s time to aggregate the two Cyber Attack Timelines for March 2015 (Part I and Part II) into statistics.

As always, let’s start from the Country Distribution chart, which, similarly to March, sees the United States on top, followed by the United Kingdom and Australia.

After a slow start, the Daily Trend of Attacks chart shows an heterogeneously growing trend, at least up to March 29th, where the monthly peak is achieved, after which, a sudden drop appears and continues until the end of the month.

Daily Trend March 2015

We have been used to see Cyber Crime on top of the Motivations Behind Attacks chart, and March inevitably confirms this trend, with a percentage that slightly drops to 69% from 73.8% of February. Hacktivism is in line with the previous month, (20.7% vs 19%), as also Cyber Espionage is (8% vs 7.1% of February). I have also recorded a couple of events related to Cyber Warfare.

Motivations March 2015

The technique behind the 19.5% of the attacks remains uncertain, however, once again SQLi ranks on top of those known, even if the percentage drops to 16.1% from 25.3% on March. Defacements and Accounts Hijackings complete the podium of the known attacks, swapping their positions in comparison to March. The others follow…

Techniques March 2015

For the seventh month in a row, industry ranks on top of the Distribution of Targets chart with 27.6%, a value slightly increasing, but comparable with 26.2% of the previous month. Organizations show up in second place with 17.2%, ahead of Governments, at the third place, with 12.6%.

Targets March 2015

Again, the Industry Drill Down chart is extremely fragmented, the only constant is the terrible moment for the E-Commerce sites, which rank on top, well above the other categories. On the other hand, the Law Enforcement institutions are the preferred targets for the Organizations, as reported in the corresponding Drill Down chart.

Industry March 2015Org March 2015

As usual, the sample must be taken very carefully since it refers only to discovered attacks included in my timelines, aiming to provide an high level overview of the “cyber landscape”.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013, 2014 and now 2015 (regularly updated). You may also want to have a look at the Cyber Attack Statistics.

Of course follow @paulsparrows on Twitter for the latest updates, and feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

February 2015 Cyber Attacks Statistics

March 9, 2015 7 comments

Country Feb 2015Here we go with the aggregated statistics extracted from the Cyber Attacks Timelines of February 2015 (Part I and Part II).

As we normally do, let’s start from the Country Distribution Chart, which is led, as usual, by the United States. All the other countries are essentially aligned on the same level, with the sole exception of the United Kingdom, which slightly emerges over the others.

The Daily Trend of Attacks  shows quite a heterogeneous distribution throughout the month. After a slow start, two peaks emerge on the 10th and the 14th.

Daily Trend Feb 2015

Even in February, Cyber Crime is on top of the Motivations Behind Attacks Chart, increasing its percentage to 73.8% from the 67.4% of January. Hacktivism slows down to 19% (from 29.2%), whereas Cyber Espionage jumps to 7.1% (was 1.1% in January).

Motivations Feb 2015

For the second month in a row SQLi ranks on top of the Attack Technique Distribution Chart with 25.3% (was 33.7% on January). Account Hijackings and  Defacements swap their positions and complete the podium for the known attacks despite the third place of Defacements is in co-location with Targeted Attacks (quite a remarkable result).

Techniques Feb 2015

For the sixth month in a row, industry ranks on top of the Distribution of Targets chart with 26.2%, a value comparable to the 28.1% of the previous month). Single Individuals rank at number two (13.6%) and Organizations at number three (11.9%). Curiously this month Governmental targets are outside the podium, slightly ahead of  Educational (and Financial) targets.

Targets Feb 2015

The Industry Drill Down chart is extremely fragmented, however the terrible moment for the E-Commerce sites continues. On the other hand, the Non-Profit institutions are the preferred targets for the Organizations, as reported in the corresponding Drill Down chart.

Industry Drill Down Feb 2015Organization Drill Down Feb 2015

As usual, the sample must be taken very carefully since it refers only to discovered attacks included in my timelines, aiming to provide an high level overview of the “cyber landscape”.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics.

Of course follow @paulsparrows on Twitter for the latest updates, and feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

January 2015 Cyber Attacks Statistics

February 5, 2015 6 comments

Country DistributionIt is time to summarize the data collected into the January 2015 Cyber Attacks timelines (Part I and Part II) into valuable statistics.

Many readers keep on asking where the information used to create the stats comes from. The answer is always the same: the statistics are created elaborating the timelines that I collect (approximately) on a bi-weekly basis and I publish on this blog (see also the Cyber Attacks Master Index).

I cannot be exhaustive, but at least my intention is just to provide an overview of the Threat Landscape, reporting the attacks that gained space in the media.

Moving to the data, as usual, the United States lead the Country Distribution chart for each category. The surprises of this month are France and UK, which win the “silver medal” having suffered an unusual number of cyber attacks by Pro-Islamist hacktivists, but also a number of “more traditional” attacks related to cyber crime, a number well above the average.

The Daily Trend of Attacks Chart shows an initial peak, a new concentration of activity in the middle of the month, followed by a decreasing trend with a partial revamp towards the end.

Daily Trend Jan 2015

Cyber Crime is always on top of the Motivations Behind Attacks Chart, even if with a small decrease in comparison with December (67.4% vs 72.6%). All in favor of hacktivism, which bumped up to 29.2% from 17.8%. On the opposite site, Cyber Espionage is well below the noticeable 8.8% of December.

Sometimes it comes back! I am obviously talking about SQLi, which, after several months in the shadow, ranks on top of the Attack Technique Distribution Chart (and even with quite an important value (33.7%). Defacements and Account Hijackings complete  the podium for the known attacks.

For the fifth month in a row, industry ranks unchallenged on top of the Distribution of Targets chart (but the 28.1% recorded this month is notably smaller than the 47.9% reported in December). Governmental targets rank at number two, and educational institutions are at the third place exactly just like one month ago.

Once again, E-commerce leads the drill-down chart for the industrial targets, whereas Non-Profit are on top of the corresponding chart for organizations.

Ind Drill Down Jan 2015 Org Drill Down Jan 2015

As usual, the sample must be taken very carefully since it refers only to discovered attacks included in my timelines, aiming to provide an high level overview of the “cyber landscape”.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics.

Of course follow @paulsparrows on Twitter for the latest updates, and feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

2014 Cyber Attacks Statistics (Aggregated)

January 13, 2015 6 comments

As I did exactly one year ago, I have consolidated all the stats collected during 2014 with the intention to provide an high level overview of the past year. Of course this data does not pretend be exhaustive, I’d rather prefer to define the charts as macro-indicators of the threat landscape and the corresponding trends, since the sources of the timelines (from which the stats are derived) are open and therefore only show cyber attacks that were discovered and gained space in the news.

It is interesting to compare the trend of 2014 with the two previous years. It appears to be more stable, even if the overall level has been lower. The reason of this? Maybe the decreased impact of hacktivism and the major attention of the media towards the massive breaches that characterized the past year.

Monthly Trend

On the other hand, if one considers the drill down of the motivations month-by-month, it is even clearer the impact of Cyber Crime.

Monthly Trend (Drill Down)

And obviously the aggregated yearly distribution of motivations confirms this trend: Cyber Crime ranks at number one with 62.3% (it was 47% last year) followed by Hacktivism (24.9%, was 44% last year). It is interesting to notice the rise of Cyber Espionage that doubled its percentage (10.2% vs 5% in 2014).

Yearly Motivations

Defacement leads the chart of known Attack Techniques (16.4%, was 14% last year) ahead of SQLi (14.3%, down from 19% last year) and Account Hijacking (10.9%, a value slightly higher than last year when it was at  9%). It’s also worth to mention the Influence of Targeted Attacks (10.5%) and Malware, which in practice rank on top if one consider also the PoS Malware (the aggregated value is 17.3%).

Yearly Attack Techniques

Just like 2014, Governments and Industries have been the most preferred targets for Cyber Attackers with similar values (respectively 27.1% and 25.2%), with a substantial growth year-over-year (in 2014 they were respectively 23% and 22%). Targets belonging to Finance rank at number three (15.7%, more than twice in comparison with 2014). Organizations and news come after with respectively 8.3% and 6.6%.

Yearly Targets

As usual, bear in mind that the sample must be taken very carefully since it refers only to discovered attacks, published in the news, and included in my timelines. The sample cannot be exhaustive but only aims to provide an high level overview of the “cyber landscape”.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

December 2014 Cyber Attacks Statistics

January 9, 2015 5 comments

CountryThe new year has just begun, and here we are with the last blog post for the 2014 just gone related to the Cyber Attacks statistics derived from the timelines of December (Part I and Part II).

As usual, the US dominate the Country Distribution Chart for all the sectors taken into consideration, well ahead all the other countries.

The Daily Trend of Attacks Chart shows a concentration of activity in the central period of the month (maybe the Christmas atmosphere is particularly inspiring for crooks). After a slow start (or better an initial decrease), the trend climbs up, remaining quite constant for about 10 days.

Daily Trend Dec 2014

Cyber Crime rules! Or at least this is what the Motivations Behind Attacks Chart states. Actually this is quite a common situation, however, what is really surprising is the percentage, boomed to a noticeable 72.6% against the 55.8% of the previous month. As a consequence all the other sectors report values, sensibly smaller than the previous month.

Motivations Dec 2014

Tbe actions of the infamous Lizard Squad have brought DDoS on top of the Attack Techniques Chart (among the known ones). For the first time equally placed with Defacements and DDoS attacks. Once again, targeted attacks rank at number four with 9.8%, substantially in line with November.

Techniques Dec 2014

For the fourth month in a row, industry ranks unchallenged on top of the Distribution of Targets chart with an unprecedented 47.9%. Governmental targets rank at number two (13.7%), while educational institutions enter the top three with 9.6%.

Targets Dec 2014

E-commerce leads the drill-down chart for the industrial targets, whereas Human Rights are on top of the corresponding chart for organizations.

Industry Drill Down Dec 2014Org Drill Down Dec 2014

As usual, the sample must be taken very carefully since it refers only to discovered attacks included in my timelines. The sample does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”, or at least of the ones that gained space in the media (yes, using an abused expression this is just the tip of the Iceberg).

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics.

Of course follow @paulsparrows on Twitter for the latest updates, and feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

November 2014 Cyber Attacks Statistics

December 8, 2014 Leave a comment

CountryIt’s time for the statistics derived from the Cyber Attacks Timelines of November (Part I and Part II).

Let us begin with the Country Distribution chart that, easy predictable, shows the US on top of all categories. However, globally, even Italy, Canada and UK show up, respectively for Hacktivism (the first two countries) and Cyber Crime (the latter).

The Daily Trend of Attacks chart shows a moderate activity with a peak on the 10th, and a plateau between the 13th and 14th. Despite the 5th of November is a day felt by Hacktivists, no noticeable operations have been recorded this year.

November 2014 Daily Trend

Once again Cyber Crime leads the Motivations Behind Attacks chart with 55.8% substantially in line with the previous month (was around 60%). Hacktivism ranks at number two with 28.6%, a remarkable increase compared to 13.8% of October. Whereas Cyber Espionage remains quite high (13%, despite in decrease compared to the record value of 17.2% recorded in October.

November 2014 Motivations

Defacements lead the Attack Techniques chart with 20.8% (among the known attacks). SQLi ranks at number two with 13.0% very close to DDoS, at number three with 11.7% (a consequence of the hacktivism driven hacking spree recorded in November). Targeted attacks rank at number four with 10.4%, still quite an important value, even if in decrease compared to 13.8% of October.

November 2014 Techniques

For the third month in a row, industry ranks on top of the Distribution of Targets chart (28.6%, nearly identical to October when it was 28.7%). As always governmental targets rank at number two (23.4%). While organizations are back at number three (14.3%).

November 2014 Targets

Again, targets belonging to E-Commerce rank on top of the Industry Dill Drown chart, while political organizations lead the Organization Drill Down chart.

Industry Drill Down November 2014Org Drill Down November 2014

As usual, the sample must be taken very carefully since it refers only to discovered attacks included in my timelines. The sample does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”, or at least of the ones that gained space in the media (yes, using an abused expression this is just the tip of the Iceberg).

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics.

Of course follow @paulsparrows on Twitter for the latest updates, and feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

October 2014 Cyber Attacks Statistics

November 10, 2014 Leave a comment

CountriesHere we are with the statistics extracted from the October cyber attacks timelines (part I and part II).

I have already stressed this concept many times, but some readers keep on asking where the data is scraped from. The answer is simple and always the same: I compile the timelines each month, quoting the sources in the footnotes. Each month I elaborate the data trying to represent them in charts, which of course cannot be exhaustive, but just give an idea of what’s going on in the cyberspace.

That said, this month I added again an old acquaintance: the graph related to the Country Distribution of attacks divided into categories: of course US rank of top, except for Cyber Espionage operations, which privilege multiple countries.

Instead, the Trend of Attacks chart shows an overall high level of activity throughout the month, with a prominent peak around the 9th, corresponding to the spree of attacks between India and Pakistan.

Daily Trend Of Attacks

As usual Cyber Crime leads the Motivations Behind Attacks chart with nearly 60% (10 points below the previous month, but always at a remarkable level). Cyber Espionage jumps at number two with a new record (17.2%). Hacktivism ranks at number three with a “modest” 13.8%. You will notice also a small presence of attacks related to Cyber War (9.2%). I decided to classify in this group the events behind India and Pakistan and an alleged (unconfirmed) attack to the Warsaw Stock Exchange, for which an hacker affiliated to IS claimed responsibility.

Distribution Oct 2014

And for the first time after so many months, SQL Injection leads the Attack Techniques chart with 18.4%. Particularly important is also the 13.8% of targeted attacks, which steadily places this category at the third place. On the opposite site, the number of DDoS attacks is constantly decreasing, and this explains its “miserable” 3.4%. I do not remember such a low level for this category.

Attack Techniques Oct 2014

Again, for the second month in a row, industry ranks on top of the Distribution of Targets Chart (28.7%), nearly 7 points ahead of governmental targets (21.8%). Attacks against single individuals are the new entry at number three (10.3%), slightly ahead of organizations (9.2%).

Targets Oct 2014

A deeper look at the distribution of the industrial targets, shows a predominance of E-Commerce (24%), while, as it often happens, political parties lead the chart of the Organizations.

Industry Distribution Oct 2014Organization Distribution Oct 2014

As usual, the sample must be taken very carefully since it refers only to discovered attacks included in my timelines. The sample does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”, or at least of the ones that gained space in the media (yes, using an abused expression this is just the tip of the Iceberg).

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics.

Of course follow @paulsparrows on Twitter for the latest updates, and feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

Follow

Get every new post delivered to your Inbox.

Join 3,712 other followers