A recent report on security threats per industry revealed that the retail industry is the top target for SQL attacks. In fact, the Imperva Web Application Attack Report (WAAR) also noted that the retail industry tends to suffer twice the amount of SQL injection attacks compared to the other industries.
The Imperva report released last month covered 70 web application across industries and geographies. The report is part of Imperva’s ongoing Hacker Intelligence Initiative, which covered a six-month period. Imperva offers business security solutions for critical applications and high-value data in the data centre.
The report said retailers suffered not only the most number of attacks, but also the most in terms of duration on the attack – averaging 26 times per minute. The report explained that frequency and duration of attacks depend on the size and design of the web application. In the case of retailers, one possible explanation is that they’re getting HTTP requests frequently because of their online catalogues.
“It is plausible to assume that retail applications contain a relatively large number of pages in the form of online catalogs, and that this factor may have contributed to the length and the intensity of SQL injection attacks,” the Imperva report stated.
Most web applications receive four or more web attacks per month, though some websites are also “constantly under attack.” The report cited one website which was attacked 98 percent of the time during the period in review. Imperva also noted that a single website received as much as 94,000 SQL injection attacks in a day or an average of 26 attack requests per minute, on average.
A “typical attack incident” usually lasts around five minutes. But the report noted that a worst case attack could last about 100 times longer, or approximately more than 15 hours.
“While most of the 70 web applications monitored were attacked a significant amount, some received an astounding number of attacks – with one application receiving up to an average of 26 per minute,” said Stree Naidu, vice president, Imperva, Asia Pacific and Japan. “While these findings undeniably demonstrate that web application attacks are far from consistently distributed, the takeaway is that organisations should base security measures on the worst case scenario, not on the average case.”
The study identified US as the top source of attacks, but other top sources of attacks included Western European countries, China and Brazil.
“We believe that, with the current threat landscape, organisations can no longer afford to take an every-man-for-himself approach to security,” said Naidu. “This report demonstrates that the automation and scale of attacks leave a large footprint that can be better addressed by looking at data gathered from a large set of potential victims. Thus it is important to rely on one’s peers to acquire intelligence on malicious sources and apply this intelligence in real time.”
Sign up for Computerworld eNewsletters.