Web application attacks accounted for 73 percent of all incidents flagged in an 18-month evaluation period according to a new report from Alert Logic which also says that web application attacks affected 85 percent of all its customers, with injection-style attacks such as SQL injection the main culprit.
The company's 2017 Cloud Security Report is based on customer data from more than 3,800 Alert Logic cloud, on-premises and hybrid cloud customers over an 18 month period, from August 1, 2015 to January 31, 2017.
Among other findings was that pure public cloud installations experienced the fewest security incidents. On average, customers running applications on public cloud platforms experienced 405 security incidents over the 18-month period while on-premises customers experienced a 51 percent higher rate of security incident escalations (612), hosted private cloud 69 percent higher (684) and hybrid cloud 141 percent higher (977).
However, server-side ransomware represented only two percent of total incidents, demonstrating, among this sample at least, that while ransomware grabs a lot of headlines, it was only a small proportion of observed security incidents in the data set.
Content management systems and e-Commerce platforms were favoured by for hackers targeting web applications due to vulnerabilities in ubiquitous third-party web application components, insecure coding practices and increased exploit automation. Attacks targeting Joomla accounted for 25 percent of total web application attacks observed followed by WordPress with 10 percent and Magento with seven percent.
In a press statement, Misha Govshteyn, senior vice president of technical and product Marketing, Alert Logic, commented: "We focused our analysis on incident types and the workloads and environments most at risk. Cyber-attackers continue to seek the weakest spots in network defences and businesses need to understand how they are refocusing to take advantage of the changing attack landscape."