Sunday, April 18, 2010

Hacking Incidents 2009

There is a project called the web hacking incident database (WHID), which collects data and statistics on web-application related security incidents. I was just looking into their report called The Web Hacking Incident Database 2009 which has some pretty interesting statistics in.
In order to judge the results and statistics of this database, we have to make sure we understand the contributors and where they come from:




Therefore the output will definitely have some US-centricity but is nevertheless interesting.

There is no secret that the attackers go for money. Cybercrime came from cool to cash! If you look what the attacker did after a successful attack, this proves this statement once more:


But how do they get in? How does a hacker actually attack a Web-Application? Again, not a lot of surprise here, more a confirmation of what we know already:


So, looking at it is definitely worth in order to get a better picture from a security intelligence point of view.

4 comments:

  1. Wowwwwwwwwwww , Wonderful statistics in North of america , 57% !

    ReplyDelete
  2. As you see this graph indicate that the highest statistics for north America and lowest for south America and Australia.

    ReplyDelete
  3. As it seems in the last graph, the most attacks are in SQL database, the main reason can be the more valuable information in this part of the websites as the databases contain the users confidential information.Hediyeh ,What is your idea?

    ReplyDelete
  4. I agree with you.as SQL database contains valuable information so the most attacks are in them.

    ReplyDelete