The number of cyberattacks has gone up significantly in the second quarter of the calendar year.
Indusface, an application security SaaS firm, has said that the number of attacks has gone up by 115 per cent in this quarter, with the company’s AppTrana WAAP platform blocking over 2.37 billion threats during this period. On average, 960K attacks were blocked per website.
The State of Application Security Report’ for the second quarter said that bot attacks rose twice to reach 27.6 crore attacks in the quarter. Distributed Denial of Service (DDoS) attacks also witnessed an increase racing 83.50 crore, impacting 60 per cent of all sites monitored.
- Also read: FM Sitharaman to take stock of PSBs’ deposit mobilisation, cybersecurity levers on Aug 19
The Small and Medium Businesses (SMBs) globally faced over 55.9 crore attacks. “In all, 6 out of 10 sites witnessed a DDoS attack, whereas 9 out of 10 sites experienced a bot attack,” it said.
Power and energy companies faced up to 25 times more attacks than the industry average, likely because non-regulated industries with less stringent security requirements are soft targets for hackers.
The banking, financial services, and insurance (BFSI) sectors witnessed 45-60 per cent higher bot attacks. About 90 per cent of BFSI sites and all healthcare sites were targeted by malicious bots that are typically used for account takeover, card cracking, skimming, and other attacks.
The report also reveals a staggering increase of 12 times in attacks targeting vulnerabilities, driven by the proliferation of cyber exploitation tools.
The accessibility of technologies like LLMs (large language models) has lowered the barrier for novice hackers, significantly intensifying the threat landscape. A total of 25,000 critical and high vulnerabilities were found, with 31 p.c. of these vulnerabilities open for more than six months.
“Attacks exploiting known vulnerabilities have surged by 12 times, and bot attacks have risen twice. This increase could be attributed to the widespread adoption of large language models (LLMs), particularly among less experienced hackers,” Ashish Tandon, Founder and CEO of Indusface, said.
“Despite these attacks largely following predictable patterns, we anticipate significant changes on the horizon. For instance, advanced bots are increasingly targeting enterprise applications, while SMBs are facing a rise in DDoS attacks,” he said.
He felt that blocking sophisticated bots remains challenging even for enterprises with robust security tools and dedicated teams, while SMBs often lacked the budget for effective managed solutions to combat DDoS attacks.