July 2020 Cyber Threat Index automated threats on the rise, with almost all attacks against eCommerce sites conducted by bots

REDWOOD SHORES, Calif. – Aug. 20, 2020 – Today, Imperva, Inc., the cybersecurity leader championing the fight to secure data and applications wherever they reside, published its July 2020 Cyber Threat Index Report. The report revealed two of the largest recorded DDoS attacks of 2020, underscoring an ongoing increase in application layer attacks of notable size and/or duration.

The monthly report also showed network traffic to education sites is increasing as families prepare for distance learning, eCommerce and retail attacks are increasingly bot-driven, and the overall Cyber Threat Index (CTI) score continues to be at a ‘high’ level.

Key findings between July 1 and July 31, 2020 include:

  • Largest DDoS attacks of the year continue the increasing trend of larger, longer application attacks. In July, Imperva Research Labs recorded the two largest DDoS attacks of 2020. The first attack, an application DDoS attack, targeted a Chinese gambling site with more than 650K requests per second (RPS) and peaking at 689K RPS, originating from 851 different source IPs and lasting less than 10 minutes. The second attack was a syn flood attack of 398 gigabits per second (GBPS). July marked the third month in a row with multiple application layer attacks of increased size and/or duration.
  • eCommerce and retail are experiencing increased bot attacks amidst continued brick-and-mortar COVID-19 lockdowns. Bot driven attacks accounted for 98% of attacks against eCommerce and retail, with 51% of retail attacks occurring in the United States. Remote code execution and data leakage of personally identifiable information (PII) were the most dominant attacks in these industries; for these industries combined, the CTI score fluctuated between 652 and 838, catapulting the industries to the high-risk category, ahead of Financial Services, Telecom and ISPs. Learn more about malicious bots and how they plagued the internet as a whole in 2019 in Imperva’s “2020 Bad Bot Report: The Bad Bots Strike Back.
  • Overall Cyber Threat Index score remains at a ‘high’ level. Although the number of overall attacks dropped by 10%, the increase in high-risk web attacks, including remote code execution and DDoS attempts, increased the CTI score by six points.
  • Education site traffic increased by 20% as families prepare for online learning. Network traffic continued to vary across industries, but education experienced an increase, along with adult sites (+10%).
  • China experienced a spike in cyber attacks. China experienced a high percentage of remote code execution attacks (44%) combined with high-risk DDoS attacks in the month of July, elevating the CTI score for China from 574 to 791.

The Cyber Threat Index is a monthly measurement and analysis of the global cyber threat landscape across data and applications based on data gathered from Imperva sensors all over the world—including over 25 petabytes of network traffic passing through the Imperva CDN per month. With over one trillion total requests analyzed and 21 billion application attacks blocked, it offers an unrivaled comprehensive look at application security and provides an easy-to-understand score to consistently track cyber threat levels and observe trends over time. Viewers can dive deeper into the score and drill down for individual industries and countries, and also view historic Index scores.

The July 2020 Cyber Threat Index is available at www.imperva.com/cyber-threat-index.

“As businesses continue to adjust to online traffic demands, we’ve seen how it has impacted the application attack surfaces,” said Nadav Avital, head of security research at Imperva. “While network traffic continues to vary, DDoS attacks are growing in size and frequency. In an increasingly digital world, businesses must be prepared to defend their sites and customer uptime. We recorded the two largest DDoS attacks of the year in July; these attacks are only one result of an ongoing trend as more businesses rely on digital uptime and presence for success.”

The Cyber Threat Index was created by Imperva Research Labs, a premier research organization for security analysis, vulnerability discovery, and compliance expertise. The organization provides round-the-clock research into the latest security vulnerabilities and is comprised of some of the world’s leading experts in data and application security.

About Imperva

Imperva is an analyst-recognized, cybersecurity leader on a mission to protect customers’ digital assets by accurately detecting and effectively blocking incoming threats, and empowering customers to manage critical risks, so they do not have to choose between innovating for their customers and protecting what matters most. At Imperva, we tirelessly defend our customer’s business as it grows, giving them clarity for today and confidence for tomorrow. Learn more at www.imperva.com, our blog, or Twitter.