Breach Security Labs released a report containing some interesting statistics about web attacks in 2007. The entire report can be found on the Breach Security Network website (unfortunately, free registration is required). Dark Reading also has a summary of the report, although they felt 67% didn’t sound as good as 70%, so they rounded up in the article title.

This report backs up what we have been reporting on in BreachBytes: more and more hacks and breaches are motivated by money. Andy weighed in on this trend with his excellent write-up on the rise of organized crime in cybersecurity. I wrote about the subject most recently in my post on the motivations of modern hackers. Danny Quist from Offensive Computing noted in a comment that I should have had money as the #1 motivation and not #2. He was right.

Findings from the Breach Security Labs report:

  1. 67% of the attacks in 2007 were “for profit” motivated. Ideological hacking came second.
  2. With 20%, good old SQL injection dominated as the most common technique used in the attacks. XSS finished 4th with 12%, and the young and promising CSRF is still only seldom exploited out there and was included in the “others” group.
  3. Over 44% of incidents were tied to non-commercial sites such as Government and Education. We assume that this is partially because incidents happen more in these organizations and partially because these organizations are more inclined to report attacks.
  4. On the commercial side, internet-related organizations top the list. This group includes retail shops (comprising mostly e-commerce sites), media companies and pure internet services such as search engines and service providers. It seems that these companies do not compensate for the higher exposure they incur with proper security procedures.
  5. In incidents where records leaked or were stolen, the average number of records affected was 6,000.

(Above findings taken from http://www.webappsec.org/projects/whid/statistics.shtml)
