March 2020 Cyber Threat Index reveals significant changes in web attack and traffic trends as a result of COVID-19

REDWOOD SHORES, Calif. – April 16, 2020 – Imperva, Inc., the cybersecurity leader championing the fight to secure data and applications wherever they reside, published its March 2020 Cyber Threat Index Report, revealing targeted attack trends towards the financial and food and beverage industries, across multiple countries, amid the COVID-19 pandemic.

The monthly report also revealed that the Cyber Threat Index remains at a ‘high’ level and the financial services sector has been suffering the most from cross-scripting site (XSS) attacks, and a continued increase in attacks from cloud services.. Key findings between March 1 and March 31, 2020 include:

  • Amid COVID-19, web traffic and attack trends were affected. During the month of March, Imperva tracked changes in traffic and attack trends across multiple industries and countries as the coronavirus pandemic escalated. The March findings indicated that the food and beverage industry experienced more website attacks globally (+6%), especially in Germany (+125%). There were more attacks on the financial industry both globally (+3%) and in specific countries like Italy (+44%), UK (+21%), and Spain (+18%).
  • CTI remains at a ‘high’ level. In March, a balancing effect took place as some industries (news and retail) saw increases in both traffic and attacks, while others (travel and sports) saw less traffic and attacks. Due to this variation between industries, the global index remains consistent and, while the score didn’t increase, the risks remain high.
  • Financial services suffer the most from XSS attacks. Cross-site-scripting attacks, a type of malicious script injection, were the most dominant attack vector (32%) for sites in the financial services sector. This may be because taking over web sessions in financial sites is extremely profitable for hackers, or because of the high regulation on these sites and the frequent risk assessment and penetration tests being conducted.
  • Network DDoS peaked at 279 GBPS. Aimed at a domain name registrar and web hosting company in the U.S., Imperva registered a network DDoS attack that peaked at 279 GBPS which is 37% higher than the average network DDoS attack in the last three months.
  • As attacks from anonymization platforms declined, attacks from cloud services increased. Imperva observed a 23% decline in attacks from anonymity frameworks like TOR, VPNs, and masking proxies. This can be explained by the simultaneous 10% growth in attacks coming from different cloud services, which provide a partial anonymity.
  • Attacks against the government and law sector in the U.S. declined, compared to an increase in France. France’s first local election round was accompanied by a 12% increase in attacks on law and government websites, while the U.S. experienced a 5% decline in attacks during the month of March.

The Cyber Threat Index is a monthly measurement and analysis of the global cyber threat landscape across data and applications, and is based on data gathered from Imperva sensors all over the world—including over 25 petabytes of network traffic passing through the Imperva CDN per month. With over one trillion total requests analyzed and 21 billion application attacks blocked, it offers an unrivaled and comprehensive look at application security and provides an easy-to-understand score to consistently track cyber threat levels and observe trends over time. Viewers can dive deeper into the score and drill down for individual industries and countries, and also view historic Index scores.

The March 2020 Cyber Threat Index is available at https://www.imperva.com/cyber-threat-index/

“This new research from the Cyber Threat Index underscores the importance of remaining vigilant in your security strategy during this uncertain time,” said Nadav Avital, head of security research at Imperva. “With attacks on the rise in the food and beverage and financial services industries, companies need to employ effective security strategies to balance the new load of traffic to their websites and mitigate new risks. As we quickly approach election season, it’ll be imperative that government websites bolster their security efforts, as they continue to be a hot target for attacks.”

The Cyber Threat Index was created by Imperva Research Labs, a premier research organization for security analysis, vulnerability discovery and compliance expertise. The organization provides round-the-clock research into the latest security vulnerabilities and is comprised of some of the world’s leading experts in data and application security.

About Imperva

Imperva is an analyst-recognized, cybersecurity leader on a mission to protect customers’ digital assets by accurately detecting and effectively blocking incoming threats, and empowering customers to manage critical risks, so they do not have to choose between innovating for their customers and protecting what matters most. At Imperva, we tirelessly defend our customer’s business as it grows, giving them clarity for today and confidence for tomorrow. Learn more at www.imperva.com, our blog, or Twitter.