For those readers who keep asking where the statistics come from, they are derived from the Cyber Attacks Timelines that I publish on a bi-weekly basis. Each timeline lists the main attacks of the analyzed (taken from a list of open sources) and, more importantly, reports the link of the event in the “Description” field of the table (but a Google Sheet link is also available).
That being said (this question comes up quite often so I believed a short explanation was necessary), let’s move on and have a look to the data of May.
The Daily Trend of Attacks chart shows a clear peak during the first week (in May 5th) and a level of activity generally higher during the first half. The peaks continue for the rest of the month, even if they do not reach the same level.
Cyber crime ranks on top of the Motivations Behind Attacks chart with 66.7% (losing nearly 5 points compared to 71.1% of April). In the same time, OpIcarus pushes the Hacktivism up (from 15.4% of April to 20.4% of May). Cyber Espionage grows to 11.8% from 7.2% of April, whereas Cyberwarfare drops to a modest 1.1% (just a single event).
I do not remember the last time when that happened, but SQLi ranks on top of the known Attack Vectors with 17.2% (was 10.8% in April), ahead of targeted attacks (12.9% vs 12% in April). Even in this case the actions of the Anonymous push DDoS at number three, among the known attacks, with 9.7%, ahead of malware and accounts hijackings, both of them with 7.5%.
Once again, industries lead the Distribution of Targets chart, but they lose nearly 10 points dropping to 21.5% from 31.3% in April. Financial institutions rank at number two with 15.1%, immediately ahead of single individuals (8.6%).
The Industry Drill Down Chart sees Software companies and Restaurants on-top with 16.5%. Defense Contractors follow with 11.1% and emerge over the rest of the verticals.
As usual, the sample must be taken very carefully since it refers only to discovered attacks included in my timelines, aiming to provide an high level overview of the “cyber landscape”.
If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013, 2014 and now 2015 (regularly updated). You may also want to have a look at the Cyber Attack Statistics.