IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Web app attacks are up 800% compared to 2019

Report finds many attacks focus on companies least impacted by COVID-19 outbreak

Web application attacks have increased by over 800%, according to the State of the Web Security for H1 2020 report.

Published by CDN and cloud security provider CDNetworks, the report found that during the first half of this year, web application attacks, which use malformed requests or injected payloads to steal data, modify data or obtain privileges illicitly, increased nine times relative to H1 2019.

CDNetworks saw and blocked over 4.2 billion web application attacks during H1 2020.

The statistic show that web application attacks in the public sector surpassed attacks in retail venues, making the public sector the single most attacked industry during this period

“In fact, over 1 billion of the web attacks were targeted toward the public sector, which accounts for 26% of total attacks," the report says. "Equally disturbing is the fact that with artificial intelligence (AI) becoming a vital part of cybersecurity, hackers are now using machine learning to detect and crack vulnerabilities in networks and systems."

The company collected anonymized data from its clients and said the statistics showed enterprises are “experiencing challenging times in their attempts to defend against cyber attacks and protect their online assets.”

The report also found that DDoS attack incidents saw over a 147% year-on-year growth as of H1 2020. This increase peaked in February and March and remained at elevated levels. Similarly, attack peaks more than doubled in H1 2019 compared to H1 2020. The study found the most prevalent DDoS attacks were SYN flood at 53% and UDP flood at 35%. ACK flood and ICMP flood attacks were significantly lower at 8% and 4%, respectively.

According to the report, bot attacks nearly doubled in 2020 with 10.38 billion bot attacks blocked by the firm. CDNetworks said this figure was 97% higher than H1 2019. On average, CDNetworks blocked 660 bot attack incidents, nearly doubling H1 2019. 

Bot attacks relate directly to economic trends. In previous years, bot attacks focused on tourism and related industries, such as transportation and hospitality. But COVID-19’s impact on tourism and hospitality, online services, e-commerce and gaming are now bot attacks’ primary targets.

The report added that hackers are extremely sensitive to industry transformations and switch their attack tools and methods to keep pace with these changes.

“Nowhere is this more evident than with the Covid pandemic, where a decline in the tourism industry has prompted attackers to move toward exploiting online learning, telecommuting, and other businesses that are flourishing during the current pandemic,” the report’s authors said.

Featured Resources

Accelerating AI modernisation with data infrastructure

Generate business value from your AI initiatives

Free Download

Recommendations for managing AI risks

Integrate your external AI tool findings into your broader security programs

Free Download

Modernise your legacy databases in the cloud

An introduction to cloud databases

Free Download

Powering through to innovation

IT agility drive digital transformation

Free Download

Recommended

Best free malware removal tools 2022
Security

Best free malware removal tools 2022

22 Jun 2022
A guide to cyber security certification and training
Careers & training

A guide to cyber security certification and training

16 Jun 2022
What is shoulder surfing?
social engineering

What is shoulder surfing?

10 Jun 2022
CIAM buyer’s guide
Whitepaper

CIAM buyer’s guide

6 Jun 2022

Most Popular

Former Uber security chief to face fraud charges over hack coverup
data breaches

Former Uber security chief to face fraud charges over hack coverup

29 Jun 2022
Macmillan Publishers hit by apparent cyber attack as systems are forced offline
Security

Macmillan Publishers hit by apparent cyber attack as systems are forced offline

30 Jun 2022
FCC commissioner urges Apple and Google to remove TikTok from app stores
data protection

FCC commissioner urges Apple and Google to remove TikTok from app stores

29 Jun 2022