Indusface, an institutionally funded Application Security SaaS firm with 5000+ customers across 95 countries, recently released its State of Application Security Q1, (Jan – March) 2024 Report. The insights include an analysis of 1.80+ billion cyberattacks blocked by Indusface’s AppTrana WAAP platform. There is a sharp increase of 261% in cyberattacks in India compared to 76% increase globally in Q1, 2024 when compared to Q1, 2023.
The report reveals that power and energy companies faced up to 500x higher number of attacks than the industry average. Hackers are now targeting less regulated industries in an attempt to charge ransom.
DDoS attacks rose by 76% compared to Q1 2023. In most industries DDoS is the #1 attack vector except Retail, manufacturing, and healthcare, where bot attacks are more prevalent.
Bot attacks, in fact, are spreading rapidly with 10 out of 10 healthcare apps and 9 of 10 BFSI apps witnessing a bot attack throughout the quarter. Overall, bot attacks rose 147% compared to Q1 2023.
Major countries from where bot attacks were observed other than India are the US, Germany, and Japan. Speaking about this, Ashish Tandon, Founder and CEO of Indusface said, “2.5x increase in attacks on Indian applications is a matter of great concern. Compared to last year, we are also seeing more attacks on unregulated industries such as power and manufacturing. Consistent with global trends, DDoS and bot continue to be the top two threat vectors employed by attackers in India.”
“Given the acute shortage of security talent and the increasing pressure on CISOs to cut budgets, AppTrana WAAP, a fully managed and AI-powered platform is letting security teams be more lean and nimble at the same time as they respond to advanced threats,” he added.
Around 614 zero-day vulnerabilities were identified for the websites and APIs protected by the AppTrana WAAP. Indusface also found 17K critical and high vulnerabilities on a sample size of 1400 apps. Around 32% of the critical and high vulnerabilities were open for more than 180 days.
By default, around 95% of zero-day vulnerabilities were protected by core rules, while the remaining 5% were safeguarded by custom rules, resulting in 100% protection from zero-day vulnerabilities throughout the quarter. This is clear proof that managed services and application specific policies are critical for security teams globally.
Key takeaways:
• Power and energy companies faced up to 500x more attacks than the industry average, driven by ransom-seeking hackers targeting less regulated industries.
• Banking, Finance, & Insurance are the most targeted sectors overall.
• Banking and Finance sectors face 4x more encoding attacks and 3x more HTTP protocol enforcement attacks compared to other industries. HTTP protocol enforcement attacks involve manipulating or abusing the HTTP protocol to escalate privileges and perform unauthorized actions like Injections, arbitrary code execution, etc.
• SQL injection attacks were prevalent in banking, insurance, SaaS, and retail, while cross-site scripting attacks were common in financial services and healthcare.
• 9 out of 10 BFSI sites experienced bot attacks.
• Manufacturing industry is increasingly targeted with Local File Injection(LFI) attacks, where hackers try to access protected folders by manipulating inputs
• 100% of healthcare sites faced bot attacks.
• Retail, manufacturing, and healthcare saw more bot attacks than DDoS attacks.