This post has been possible thanks to the contribution of
@piz69, who kindly (and patiently) took care to aggregate the data for 2013!
Finally we can consolidate the data related to 2013 and draw some global stats summarizing the infosec landscape for the past year. Of course this data cannot absolutely pretend to be exhaustive, but rather we could define the charts as macro-indicators of the threat landscape and the corresponding trend, since the sources of the timelines (from which the stats are derived) are open and therefore only show cyber attacks that were discovered and gained space in the news.
Before drilling down into the data for the past year, it’s worth to have a look to the trend of the last three years (with the caveat that data for 2011 are incomplete as it was consolidated into a form comparable with 2012 and 2013 only starting from September).
Apparently 2012 and 2013 have a very different shape: 2012 shows a constant trend (with a high activity between May and June), while, after an initial peak, the line for 2013 experiences a progressive decrease, reaching a stable state. This is probably due to the minor influence of attacks motivated by hacktivism throughout the year (see the next chart).
A closer look to 2013 allows to understand the influence of the motivations throughout the different months. The initial part of the year is characterized by hacktivism. Cyber Crime is quite constant and ends up dominating the second half. This trend does not mean a decrease of hacktivism, but rather a different connotation throughout the year: the global-scale operations executed by the Anonymous have progressively been replaced by local phenomena (for instance the cyber attacks in India and Pakistan). Also the first months of the year are influenced by the DDos attacks of Izz ad-Din al-Qassam Cyber Fighters against US Banks.
Exploring the motivations shows a slight advantage of Cyber Crime (47%) over Hacktivism (44%), well above Cyber Espionage (5%) and Cyber Warfare (4%).
DDoS leads the chart of known Attack Techniques (23%) ahead of SQLi (19%) and Defacements (14%). It’s also worth to mention the rank number five achieved by Account Hijacking (with 9%) and the growing influence of Targeted Attacks ranking at number six with 6%.
Governments and Industries have been the most preferred targets for Cyber Attackers with similar values (respectively 23% and 22%). Targets belonging to finance rank at number three (7%), immediately ahead of News (6%) and Education (5%).
And, last but not least, the Top 10 Countries chart is lead by US which suffered nearly 1 attack on 2, well ahead of UK (5%) and India (3%).
As usual, bear in mind that the sample must be taken very carefully since it refers only to discovered attacks, published in the news, and included in my timelines. The sample cannot be exhaustive but only aims to provide an high level overview of the “cyber landscape”.
If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012. You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.
Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).