This year, different attack vectors— such as DDoS, bots, and web-based exploits—have seen an exponential rise as compared to last year.
Some stats your way
The media sector suffered the most number of DDoS attacks at 42%, followed by retail (27%) and gaming (15%) sectors.
According to a CDNetworks report, brute force is the most common type of web application violation, followed by SQL injection, custom rules, dynamic IP blacklist, and IP blacklist.
Automation has become a substantial threat as more than 90% of web attacks are automated.
This year, 660 bot attacks were witnessed per second, with the numbers rising in the second half.
Line of march
The report exhibits that APIs, micro-services, and serverless functions are vulnerable to DDoS attacks, bot traffic, and malformed requests since the evolution of web app techniques brings new attack surfaces to the surface.
Furthermore, software-defined security is rising as the ‘it’ trend in network security development.
Industry transformation is a precarious area as hackers have a tendency to move their focus from one sector to the next big thing.
Other stats and facts
Regarding phishing, attackers are mostly focused on e-commerce services ( 34.70%), followed by IT and telecom (22.20%), and product and mining (13.90%) sectors.
The use of VPNs by remote workers has opened a new gate for attackers to try their hands on and they are getting successful at it.
Ransomware-as-a-Service (RaaS) has seen a growth spurt as it automates the repetitive attacks associated with ransomware campaigns.
The bottom line
Businesses that are preoccupied with user privacy, security, and compliance do not have the luxury to be finicky about security services. They are recommended to go the whole nine yards when it comes to defending themselves from the constantly evolving cyber threats. This is the time to rethink the fundamentals of strategy and tailor them to meet the needs of the current security landscape.