LAST UPDATED Oct 04, 2021
Cybersecurity is changing fast. Just glance at the breach headlines, and you’ll most certainly see words like “API,” “bot,” or “third party.” With all the change, we’ve also seen an influx of cybersecurity research in recent weeks, which can be helpful when trying to sort out this new threat landscape and prioritize resources. Here is a brief preview of some of the recent studies we found that shed light on new trends:
Bot attack volumes growing 41% year over year, human-initiated attacks down 29%
Trends continue to show that the financial services industry and media businesses bear the brunt of increased automated bot network attacks – we’re seeing credit unions get hit extremely hard.
Misconfigured APIs account for two-thirds of cloud breaches
Threat actors are always looking to capitalize on human error, and around 66% of incidents involved APIs that were improperly configured. The overall result of these security issues has been to enable cryptojacking and ransomware, the top two malware types, which accounted for over half of cloud compromises.
First half DDoS attacks up 11% over last year
In the first half of 2021, approximately 5.4 million DDoS attacks were reported. These DDoS attacks were an 11% increase over last year, and also indicate that threat actors are using multiple approaches to attack organizations. Our threat-hunters observe highly sophisticated, multi-faceted, mixed-mode attacks that penetrate defenses by staying just below detection thresholds. Then they morph and move once more. Each elusive step applies different tricks to slip between the cracks in a defense perimeter designed for a different scale of attack.
Half of web owners don’t know if their site has been attacked
Almost 50% of web owners wouldn’t know for sure if their site had been attacked. The challenge for these firms is the extensive use of third-party sources for code, many of which obtain their code in turn from other third parties. This number is up nearly 10% from the previous year.
These studies highlight how rapidly both the application landscape and threat landscape are changing. We’re working hard to keep up with both while making your life a little easier at the same time. Click here to learn more about how we’re helping organizations protect modern web applications, or set up a live demo today.
