Substantial Rise in Attacks on Orgs’ Web Apps Last Year

Written by

More than half (55%) of all cyber-attacks targeted organizations’ applications in 2019, which is a substantial increase compared to the previous few years, when these types of attacks made up around 30% of the total number.

This is according to data outlined in NTT’s Monthly Threat Report for August, which found that the apps most attacked globally in 2019 primarily related to supporting organizations’ web presence. About a third (33%) of all attacks were aimed at Joomla! (17%) and Apache products (16%) while 19% targeted other content management systems and supporting technologies.

Speaking to Infosecurity , Matt Gyde, CEO of the Security Division at NTT, said: “Since late 2018, there have been a number of significant vulnerabilities exposed in popular web frameworks and applications commonly used to develop and support an organization’s web presence. There was not a significant increase of new vulnerabilities, but there were new, exploitable vulnerabilities (we are seeing the re-activation of vulnerabilities that we thought were no longer in use), in some popular content management systems and related supporting technology.”

The report also revealed that in June 2020, attacks against networking products, such as Zyxel, Netis, Netcore, Netgear, Linksys, D-link and Cisco, accounted for 32% of all attacks, many of which were brute force or authentication attacks.

Another finding was that the amount of actual vulnerabilities being actively exploited is quite narrow, with the top 10 most attacked vulnerabilities in 2019 making up 84% of all attacks observed, while the top 20 most attacked vulnerabilities accounted for nearly 91% of all attacks. This indicates that threat actors are focusing on vulnerabilities that are known to give them success.

Additionally, just eight technologies made 41% of all attacks in June 2020, according to the report. These findings suggest that by focusing on the patching of a fairly narrow range of vulnerabilities, organizations can significantly lower the risk of attack.

Gyde added: “Many organizations simply do not have the appropriate infrastructure to track and manage vulnerabilities in an efficient manner, and are struggling to identify what priorities have the largest return on investment for their efforts.

“While many organizations would like to have an active patch management program, operational concerns, staff skills and priorities end up meaning that not everything gets patched all the time. The transitioning of security away from hardware to as-a-service and cloud-enabled has the potential to modernize systems which will allow for more consistent patching.”

A report published yesterday by Synopsys found that nearly half (48%) of organizations regularly push vulnerable code into production in their application security programs due to time pressures.

What’s hot on Infosecurity Magazine?