Exactly as I did one year ago, I have decided to publish the aggregated statistics related to all the events (a total of 950 cyber attacks) that I collected during 2017. The data for the statistics is derived from the timelines that I publish on a bi-weekly basis. The timelines collect the main cyber events of each month chosen among the ones published by open sources (such as blogs or news site). Of course each timeline reports the source of the event that is available clicking on the corresponding description of the table.
Of course the purpose of the timelines and the statistics is not to provide the complete list of the cyber attacks (that’s simply impossible), but just to give an idea of the threat landscape and the main trends.
In comparison to 2016, during 2017 I have collected a 950 events vs 1061. It looks like that, despite a minor number of events has been recorded, 2017 has been characterised by large scale attacks (like WannaCry or NotPetya). The Monthly attacks chart shows that the level of activity has been gernally lower in 2017 in comparison with 2017, with the sole exception of October.
With regards to the Motivations, Cyber Crime has confirmed its crown even in 2017 with a similar percentage (77.4% vs. 72.1%). Instead it is worthy to notice how events motivated by Hacktivism fell down to 4.3% in 2017, from 14.2%. Cyber Espionage, on the other hand, had an opposite trend, soaring to 14.5% from 4.3%. Cyber warfare reported a slight decrease to 3.4% from 4.3%.
The Motivations charts shows the trend across the various months in 2017:
And is also broken down on a monthly basis and compared with 2016. Clearly the chart is dominated by Cyber Crime, and the trend is similar for the two years, unlike Hacktivism and Cyber Espionage that have de facto swapped their positions.
2017 has been the year of Malware. This is the main finding of the Top 10 Attack Techniques chart. Account Hijackings were essentially in line with the findings of 2016 (like the exploitation of vulnerabilities). Targeted attacks soared to 15.2% whereas the fall of Hacktivism is a possible reason of the plunge of DDOS and SQLi.
The Top 10 Distribution of Targets confirms, also for 2017, industries on top of the attackers’ preferences with a percentage similar with 2016. Unlike 2016, single individuals rank at number two, ahead of governments that were at number two in 2016. In practice, year over year the two swapped their positions.
Retail companies lead the Top 10 Industries chart, ahead of software (that led 2016) and entertainment.
I will never repeat enough that the sample must be taken very carefully since it refers only to discovered attacks included in my timelines, aiming to provide an high level overview of the “cyber landscape”.
Of course I hope you enjoyed the timelines in 2017 and will continue to provide your support for 2018, sharing the timelines and stats.