I have aggregated the data collected related to cyber attacks occurred in April 2012 (that you may find in the links on the right) in order to provide a consolidated view for the month. The statistics have been taken according to three parameters: Motivations Behind Attacks, Distribution of Targets and Distribution of Attack Techniques. Of course the information does not pretend to be exhaustive, in any case it is useful to provide a snapshot on the cyber landscape of the last month.
As far as the Motivations Behind Attacks are concerned, Cyber Crime ranks undoubtedly at number one with the 51% of the occurrences. Hacktivism is at number two with “only” the 39% of the occurrences. Other motivations such as Cyber Warfare or Cyber Espionage are far behind with respectively the 7 and 2 percent. This is not a surprise since attacks motivated by Cyber Espionage should be supposed to be subtle and hidden and this explains their rank (unlike the attacks motivated by hacktivism that use to attract the greatest attention by media).
As far as the Distribution Of Targets is concerned, Governements keep on to be preferred targets, with nearly one third of the occurrences. Law Enforcement Agencies rank at number two with 9% immediately followed by Educational Institutions with 7%. Online Platforms such as Online Games or other kind of platforms (such as email services) are behind with the 6% of occurrences for both of them. Of course the high position for governments and LEAs is quite simple to explain: both categories are the preferred targets for hactkivists.
A month characterized by Distributed Denial of Service, at least according to the Distribution of Attack Techniques chart. SQL Injection ranks at number two, immediately followed by Defacement. If we sum up also the indirect occurrences of SQLi (that is those cases whose symptoms seem the ones proper of SQLi but no direct evidences were found) the distribution of the two techniques is nearly the same (respectively 29% for DDoS and 27% for SQLi). Of course DDoS is the preferedd cyber weapon for hacktivists and this explain its dominion on this unwelcomed chart.
If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 (regularly updated), and follow @paulsparrows on Twitter for the latest updates.
- April Cyber Attacks Timeline (Part II) (hackmageddon.com)
- April Cyber Attacks Timenile (Part I) (hackmageddon.com)