Cyber Security Cloud Co, Inc. released its cyber-attack detection report covering July 1 to August 31, 2020, which includes long summer holidays in Japan. This data was analyzed and calculated by aggregating the attack logs observed by CSC's services, "Shadankun", a cloud-based WAF that visualizes and blocks cyber-attacks on websites, and "WafCharm", a service for automation of AWS WAF operations using AI.
Research Overview
- Period: July 1, 2020 to August 31, 2020
- Target: User accounts using "Shadankun" and "WafCharm"
- Method: Analysis of attack logs observed by "Shadankun" and "WafCharm"
Attack situation From July 1 to August 31, 2020, including the long holidays, CSC detected an average of 32,238,832 cyber-attacks per month against companies using its services ("Shadankun" and "WafCharm").
Compared to the average number of cyber-attacks detected in the first half of 2020, this is an increase of more than 30 percent due to an increase in web attacks (attacks against vulnerabilities in the software that makes up a webserver), web scans (method of searching and investigating the target of an attack or looking for vulnerabilities in a simple attack conducted at random), and SQL Injection attacks (intentionally exploiting security flaws in the application to manipulate the system).
In addition, on August 18, 2020, we detected 1,746,611 cyber attacks, the highest number of cyber-attacks detected in 2020, and on August 7, 2020, we detected 1,647,089, the second-highest number of cyber-attacks detected this year.
The reason for the increase in the number of attacks in July and August is considered to be due to the increase in the spread of the new coronavirus again, resulting in a prolonged corporate telework system, and because offices tend to be short-handed in July and August, with employees taking summer vacations.
The results of an August 2020 survey on the time period between the occurrence of a cyber-attack and its disclosure revealed that more than 50% of companies and organizations took more than 90 days to discover a cyber-attack and that it took an average of 383 days from the time a cyber-attack occurred to the time it was discovered. As a result, there may be many cases in which the attack is not detected yet.
With the holiday season approaching, the number of cyber-attacks is likely to increase further, so it is important to quickly review your company's cybersecurity to prevent this from happening.
In order to protect corporate websites from the ever-increasing threat of cyber-attacks, CSC aims to continue to make efforts to help build an environment in which users can use its services with peace of mind and protect the corporate business.
About Shadankun Cloud-based WAF "Shadankun" is a web security service that detects and blocks cyber-attacks on websites and web servers. Utilizing Cyneural, an attack detection AI engine using deep learning, it detects general attacks as well as unknown attacks and false-positives at high speeds, while Cyhorus, one of the world's leading threat intelligence teams, quickly responds to the latest threats. Also, it has been ranked No. 1 in Japan in terms of adoption rate. *1
