Trend Analysis: Top Threats of 2019-2020

An insightful report by the European Union Agency for Cybersecurity (ENISA) was recently published, summarizing the European threat landscape and the top threats in 2019-2020. The report highlights some significant changes in the threat landscape over the last year, driven by mainly two factors: the COVID-19 pandemic, forcing almost the whole population to work from home, and the continuous increasing trend in the advanced adversary capabilities of threat actors.

Dec 01, 20208:00 AM3 min read

Let's start with some stats. On the list of this year’s largest cyber threats, we see web-based attacks climbing to spot number 2, web application attacks staying as the 4th largest threat, Denial of Service (DoS) attacks at spot 6 and botnets at number 10. This points to the fact that the Internet presence of your company is more crucial than ever to protect in a complete and efficient manner.

Top threats of 2019-2020

  • Malware
  • Web-based Attacks
  • Phishing
  • Web application attacks
  • Spam
  • Denial of service
  • Identity theft
  • Data breaches
  • Insider threat
  • Botnets
  • Physical manipulation, damage, theft and loss
  • Information leakage
  • Ransomware
  • Cyberespionage
  • Crytojacking

Now, we'll look into some details of some of these attacks.

Web Application Attacks

The increase in the complexity of web application attacks and their widespread services creates challenges in securing them against threats. Over the last year, these types of attacks have increased significantly, with SQL injections accounting for two-thirds of all web application attacks.

Statistics from ENISA’s Web Application Attacks Trend Analysis 2019-2020
  • Web application attacks increased with 52% compared to the year before.
  • 20% of companies and organizations reported DDoS attacks on their application services on a daily basis.
  • The most commonly observed vulnerabilities in web applications were security misconfigurations (84%), followed by cross-site scripting and broken authentication.
  • Studies found that only 63% of participants were using a web application firewall (WAF) and that 27.5% have plans to deploy one, while 9.5% do not have any such plans.

DDoS Attacks

Researchers predict that with the implementation of 5G networks and the increasing number of connected devices, botnet networks will expand, resulting in an increase of DDoS attacks. Additionally, with the advancement of technical skills, the level of sophistication of attacks has increased and malicious actors have been observed to be running more reconnaissance activities.

Statistics from ENISA’s DDoS Trend Analysis 2019-2020
  • The total number of DDoS attacks increased 241% during Q3 compared to the year before.
  • 79.7% of all DDoS attacks were SYN-Floods.
  • The longest DDoS attack measured in Q2 2019 was 509 hours long.
  • An increased DDoS activity by botnets have been observed, where China (24%), Brazil (9%) and Iran (6%) were considered as the countries most infected with botnet agents.
  • 21% of DDoS attacks lasted for 1 hour, 4% lasted 6-12 hours and 8% lasted for 12+ hours.

Botnets

With advancements in distributed computing and automation, malicious actors get the opportunity to improve their attack methods. This has led to botnets being able to operate in a more distributed and automated way and are available from self-service and ready-to-use providers.

Statistics from ENISA’s Botnet Trend Analysis 2019-2020
  • 17 602 fully functional botnet C2 servers were found, which is a 71.5% increase from the year before.
  • The highest share of botnet C&C servers were registered in the US (58%), followed by the UK (14%) and China (9.5%) in Q4 2019.
  • 60% of new rival botnet activity is associated with stealing credentials.
  • Linux based botnets were responsible for almost 97.4% of attacks.
  • A 57% increase in the number of Mirai variants detected, with an increase in both brute-force (51%) and web exploitation (87%) attempts.
  • Only 1 in 20 of the 7.7 million IoT devices that are connected to the internet every day is estimated to be behind a firewall or similar network security tools.

What can you do to protect your company on the Internet?

There are luckily efficient ways to protect your Internet-based assets. With a threat protection that applies a layered approach, you can be sure to mitigate all kinds of Internet attacks before they can do any damage to your digital assets. Baffin Bay Networks’ Threat Protection Service runs all your company’s incoming traffic through our scrubbing centers, sorts out any malicious traffic and then forwards only clean and legit traffic to your website, application or web server. With this approach, you’ll always be one step ahead of hacktivists and bad actors will never get anywhere near your protected service. Do you want to try the protection for your own company? Request a demo free of charge today.

Dec 01, 20208:00 AM

Baffin Bay Networks