Indusface, a TCGF II (Tata Capital) funded, rapidly growing Application Security SaaS company, released its State of Application Security Report for Q3, (July-September) 2023.
The insights revealed point to an unprecedented surge in cyberattacks in successive quarters. In Q3, Indusface’s robust AppTrana network successfully blocked over 2 billion attacks, 70% of which (1.6 billion+) originated from India. This figure reflects a sharp escalation of 70% in the frequency of cyberattacks on Indian websites during Q3, 2023, as compared to Q2, 2023, which recorded 947 million attacks.
The Q3 findings shed light on the vulnerability of various industries to these cyberattacks. Notably, the healthcare sector, where 100% of its sites faced bot attacks, and the banking and insurance industry, with 90% experiencing similar attacks, emerged as the most vulnerable sectors. This quarter, 8 out of 10 sites found themselves targeted by bot attacks, and the number of overall bot attacks was 56% higher compared to the previous quarter. Apart from India, the major countries from where cyberattacks originated were the United States, the United Kingdom, Russia, and Singapore.
The other biggest attack category was Distributed Denial of Service (DDoS) attacks that witnessed more than two-thirds (67%) increase over the last quarter. Most of the DDoS attacks were witnessed from India, the United States, Germany, and the United Kingdom.
Speaking about this, Ashish Tandon, CEO of Indusface, said, “Bot attacks continue to be a significant threat for BFSI and healthcare industries signifying the importance of data that they house. 90%+ websites in these sectors are facing a variety of bot attacks. In light of Digital Data Protection Bill, it is therefore, critical for security and infra teams of these sectors to stay more vigilant than ever and safeguard their customer data.”
Elaborating on a key incident witnessed during the Q3, Ashish Tandon, said, “Recently, one of our Fortune 500 clients faced a severe botnet-driven DDoS attack, where the attacker leveraged 8 million+ IPs to launch a slow rate of requests. But even that was about 14000X the usual site traffic at peak. We ensured 100% availability for this client where the system used behavioural models to prescribe rate-limits and the managed services used this intelligence to set up rules and minimise false positive blocks. A wonderful case study of human + machine collaboration for thwarting advanced DDoS attacks.”
Additional Insights
1. Top 3 vulnerability categories in Q3 2023:
– Malicious Content Found (Software and Data Integrity Failures)
– Server-Side Request Forgery Detected
– Cross-Site Scripting (XSS)
2. Vulnerability Exploits: Around 46,000 vulnerabilities were identified during Q3, with a concerning 32% remaining unaddressed for over 180 days, underscoring the urgency for immediate action.
3. Customers are increasingly adopting the virtual patching approach at the Web Application Firewall (WAF) level:
– 35% of the attacks were successfully blocked by utilising AppTrana’s core rules set.
– The remaining 65% of the attacks were mitigated using application specific custom rules, underscoring the significance of managed services and custom rules for security teams worldwide.
4. In this quarter, SaaS and Conglomerate companies experienced a tenfold increase in the number of attacks, driven by the handling of customer-sensitive data across multiple industries.
5. A significant increase in botnet-driven low-rate HTTP DDoS attacks was witnessed in Q3, 2023.
6. URI-based rate limiting proved effective in preventing over 50% of DDoS attacks in the Banking and Financial sectors.