As usual I aggregated the data from the Cyber Attack Timelines of June to provide some aggregated statistics. Data must be taken very carefully since they do refers only to discovered attacks (the so-called tip of the iceberg), and hence do not pretend to be exhaustive but only aim to provide an high level overview of the “cyber landscape” of the month. Moreover, remember that the most dangerous threats are the invisible ones, how I can easily verify thanks to the advanced malware detection campaigns I am performing in these hard days.
Let us start with the Motivations Behind Attacks chart. Cybercrime is undoubtedly on the rise and has reached the unprecedented percentage of 72%. On the other hand Summer seems to be a period of vacation for hacktivists, whose influence on the landscape fell down to 18%. As usual Cyber Warfare and Cyber Espionage are well behind respectively to 6% and 4%. But of course, this is only the tip of the iceberg. On the other hand, I would not expect a complex cyber espionage action to be easily uncovered, or worst, advertised on social media as it happens for (too) many actions allegedly motivated by cyber crime or hacktivism.
Moving to Distribution of Targets, shows a preference of cybercrookers for Industry targets (21%), immediately followed by Government targets (18%). Targets belonging to education sadly confirm their top position, and rank, even in June, at number three with the 8% of occurrences. Of course industry targets are hugely fragmented hence, if we consider each category singularly, it turns out that Governments are still the most vulnerable victims of cyber attacks.
Last but not least, the next chart: Distribution Of Attacks Techniques. Apparently is getting harder and harder to recognize the attack techniques leveraged to execute the reported cyber attacks. Anyway, in those cases where it has been possible to do it, SQL Injection steadily keeps on being the King of Hill. The smaller occurrence of DDoS attacks reflects the minor influence of hacktivism during this month, with account hijacking confirming to be one of the most dangerous vectors. When looking at defacements, consider that typically I do not take them into consideration in my timelines (they are really too many) unless they are executed against very remarkable targets, hence consider that 3% belonging to what I defined high profile defacements.
If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 (regularly updated), and follow @paulsparrows on Twitter for the latest updates.
Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).