Even if this month I am a little late with the statistics, the time to dig into the data has come. For the few readers who are not aware of this, the statistics are derived from the timelines (Part I and Part II) that I publish with a bi-weekly basis.
As usual let us start with the Country Distribution Chart that, unsurprisingly, shows the US on top of all the categories. Following the trend of the last months the UK is immediately behind and emerge over the remaining countries.
The analysis of the Daily Trend Chart shows quite a heterogeneous trend with a first spike at the very beginning of the month and a prominent peak in the central week.
Cyber Crime ranks on top of the Motivations Behind Attacks chart with a percentage in line with August (72.6% vs 69.6%). Hacktivism is practically on the same level of the previous month (16.7% vs 16.5%), whereas Cyber Espionage drops to 10.7% from 13.9%.
SQL Injections rank on top of the Attack Techniques chart with 20.2% (was 19% in August). Targeted operations are immediately behind with 17.9% (a noticeable bump in comparison with 12.7% of August), while defacements fall at 10.7% (was 15.2% in August), at the third place among the attacks with a known technique.
The Distribution of Targets chart confirms the industrial sector on top, despite the value registered in September is nearly 10 points down (20.2% vs 29.1% in Aygust). Governments rank at number two with 17.9% (in August was 15.2%), whereas Education institutions complete the podium (10.7% vs 8.9% reported in August).
E-Commerce ranks on top of the September Industry Drill Down chart (29.4%), ahead of Software, Entertainment, Recruiting and Hospitality (all with 11.8%). The Organization Drill Down chart is not particularly meaningful.
As usual, the sample must be taken very carefully since it refers only to discovered attacks included in my timelines, aiming to provide an high level overview of the “cyber landscape”.
If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013, 2014 and now 2015 (regularly updated). You may also want to have a look at the Cyber Attack Statistics.