Imperva Research Lab’s study concluded that web application attacks are rising, on average, by 22% each quarter. The study examined nearly 4.7 million web application incidents. Further, the attacks have increasingly increased from Q2 2021 to Q3 2021— a 67.9% surge.
Remote Code Execution (RCE)/Remote File Inclusion (RFI) attacks have seen a sharp rise—an increase of 271%. RCE/RFI attacks target businesses’ websites and servers, and hackers use them to pilfer information, infect servers or even hack websites and alter their content.
The rise in web application attacks has led to a surge in data breaches. Imperva Research Lab’s report, earlier in the year, underscored that 50% of all data breaches begin with web applications. Annually, the number of breaches has grown by 30%, and the number of records stolen has increased by 224%. By 2021, 40 billion records would have been compromised, and 20 billion of those records would have originated from application vulnerabilities.
“The pandemic placed immense urgency on businesses to get all kinds of digital transformation projects live as quickly as possible, and that is almost certainly a driving factor behind this surge in attacks,” says Peter Klimek, Director of Technology at Imperva.
“The changing nature of application development itself is also hugely significant. Developments like the rapid proliferation of APIs and the shift to cloud-native computing are beneficial from a DevOps standpoint, but for security teams, these changes in application architecture and the accompanying increased attack surface is making their jobs much, much harder.”
Cybercrime and fraud have caused huge losses during the pandemic. The National Fraud Intelligence Bureau appraised a loss of around £1.3 billion in the first half of 2021. This loss is three times more when compared with the same period the previous year.