Hackers falling back on old school techniques and automation
Contents alerts versus reputation alerts distribution.
Some hackers are implementing a combination of old-school tactics tied to cutting-edge automation to spread their mayhem, according to a new report by Imperva.
Imperva's Web Application Attack Report (WAAR) found most attackers do not think strategically and more likely to simply pour out a high volume of threats in the hope that one of them sticks. The report also found attackers defaulting to using blind scanning techniques allowing cybercriminals to carry out attacks faster and with less expense, which is is contrary to the belief that one has to employ cutting edge methods to be effective.
“We found the 'Blind Nature' of the attacks like Shell Shock where attackers are not targeting a specific vertical or specific application very surprising. Even if the success rate is low, we believe that ultimately such wide campaigns are still profitable. We believe blind scanning reflects the rapid industrialization of attacks by cyber criminals,” Morgan Gerhart, vice president of product marketing at Imperva told SCMagazine.com in an email correspondence Friday.
The WAAR noted that 100 percent of the applications studied were under attack by Shellshock, while SQLi and XSS attacks increased by 300 percent and 250 percent year-over-year, respectively.
Imperva also found that a level of laziness or penny pinching by organizations when it comes to setting up their cyberdefenses is allowing attackers to utilize well-worn, but still effective, attack vectors. The study found that 78 percent of malicious alerts were detected by reputation alerts indicating the bad guys were using known bad actors to make their attack.
“Many new applications and services are being launched every day with inadequate layers of security. Old exploits combined with automation are significantly reducing the effort it takes for attackers to be successful,” Gerhart said.
Also helping tip the scales in favor of the attackers are the ready availability of exploit kits in the Dark Web making it easy for newcomers to hop into the world of cybercrime, that new vulnerabilities are quickly being disclosed and that some industries, such as healthcare, lag behind when it comes to using beat practices in cybersecurity, Gerhart said.