It’s time to aggregate the two timelines of May 2015 (Part I and Part II) into statistics. Nothing new for the Country Distribution: the US rank at number one (and the UK appear a valuable target either, as it gets the second place emerging over the other countries).
The Daily Trend of Attacks chart shows a consistent level of activity during the first half, with a prominent peak around the 11th, and a decreasing trend until the end of the month.As usual, Cyber Crime ranks on top of the Motivations Behind Attacks chart with 68.5%. This value is considerably larger than the one reported in April (55.2%) and very close to 69% reported in March. The reason is that May was characterized by a peak of hacktivism driven by the operations carried on in name of OpIsrael. Once the effects are gone, hacktivism drops to a more “physiologic” 22.5% (was 32.2% in April), again very close to 20.7% reported in March. On the other hand, Cyber Espionage (9.2%) confirms a value similar to the one reported in April (9%).For the second month in a row, SQLi ranks on top of the Attack Techniques chart (among the known ones) with 16.9%. Targeted Attacks are in a roll, with a surprising 12.4% that overcomes the already surprising 11.5% reported in May, and places them in third position (among the known attacks) behind defacements (15.7%). DDoS, on the other hand, keeps on plummeting (3.4%).
For the ninth month in a row, industry ranks on top of the Distribution of Targets chart with 24.7%, a decreasing value in comparison with 29.9% of April. On the other hand, governmental targets (number two) soar to 20.2% from 14.9% of April. Single individuals get the third place (10.1%), whereas educational targets fall to 5.6% , almost as little as half than 10.3% reported during the previous month, similarly to organizations (4.5% vs 9.2% of April).
The Industry Drill Down chart confirms E-Commerce sites on top (22.7% vs 19.2% in April). On the other hand, the Organization Drill Down chart is not particularly meaningful this month, given the overall low level of activity against this class of targets.
As usual, the sample must be taken very carefully since it refers only to discovered attacks included in my timelines, aiming to provide an high level overview of the “cyber landscape”.
If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013, 2014 and now 2015 (regularly updated). You may also want to have a look at the Cyber Attack Statistics.