Web apps attacked every two minutes, study finds

Web-based applications, on average, are hit by 27 attacks per hour, or roughly one attack every two minutes, according to data from security firm Imperva.

Lance Whitney
Lance Whitney Contributing Writer
Lance Whitney is a freelance technology writer and trainer and a former IT professional. He's written for Time, CNET, PCMag, and several other publications. He's the author of two tech books--one on Windows and another on LinkedIn.
2 min read

The average Web-based application is hit by a cyberattack once every two minutes, says a report out today by security firm Imperva.

Detailing its findings in its "Web Application Attack Report" (PDF) for July, Imperva found that Web applications are attacked around 27 times per hour. Monitoring the Internet from December 2010 through May 2011, the security firm uncovered and categorized more than 10 million individual attacks targeting both business and government sites.

Automated cyberattacks accounted for a huge number of attempted breaches. The report discovered that attack traffic was characterized by quick spikes of high volumes followed by longer periods of lighter activity, a key factor pointing to automation. Further, Web sites hit by automated attacks on average received up to 25,000 such attacks in just one hour, or seven attacks each second.

"The level of automation in cyberattacks continues to shock us," Amichai Shulman, Imperva's lead researcher and chief technology officer, said in a statement. "The sheer volume of attacks that can be carried out in such a short period of time is almost unimaginable to most businesses. The way hackers have leveraged automation is one of the most significant innovations in criminal history...Automation will be the driver that makes cybercrime exceed physical crime in terms of financial impact."

Most of the cyberattacks originated in the United States, according to Imperva, with more than 61 percent launched from bots located in the U.S. Attacks from China accounted for almost 10 percent, followed by Sweden and France. Looking beyond just location, 29 percent of the attacks came from the 10 most active sources.


The four most common types of attacks against Web apps were directory traversal (37 percent), cross site scripting (36 percent), SQL injection (23 percent), and remote file inclusion (4 percent), the report found. Cybercriminals often combine such attacks to find and exploit vulnerabilities in Web applications.

The bad guys are also getting more clever at covering their tracks, noted the report.

"Advances in evasion are also significant," Shulman added. "Our data shows that it is increasingly difficult to trace attacks to specific entities or organizations. This complicates any effort to retaliate, shut down cybercriminal gangs, or identify potential acts of war."