According to a report released by Imperva this week, threat-blocking efficiency is greatly increased with the addition of crowd-sourced threat intelligence.
Imperva’s findings were published in their latest Hacker Intelligence Report for April. Through a study of 60 web applications, a memo on the report explains, Imperva identified common attack patterns and concluded that information sharing among organizations ultimately resulted in enhanced protection against large-scale attack campaigns.
“These findings indicate that identifying a noisy attack source – an attacker, payload or tool that repeatedly attacks – is of high importance. Recognizing one noisy attack source can aid other organizations in their defenses,” the report says.
“While surgically targeted web application attacks are still occurring, we also witness large campaigns with common characteristics across different organizations and verticals. Consequently, security cooperation between organizations that suffer from web attacks can create a ‘network effect’ in which all members of the cooperating community can benefit by exchanging security and threat information.”
Imperva identified the four most common attacks, which are the same ones organizations have struggled with for years. The top attack was SQL Injection, followed by Remote File Includes, Local File Includes, and comment spam.
Related to Imperva’s findings another firm said that in Q1 2013, Cross-Site Request Forgery (CSRF) attacks jumped more than 132% when compares to last year. Secure cloud hosting firm, FireHost, who presented their research during the InfoSecurity Europe conference this week, said that the jump is due to a group of four cyberattacks that hammered organizations this quarter, which they’ve named “The Superfecta”.
“The Superfecta represents the most dangerous type of cyberattack traffic, but these are by no means advanced or difficult attacks for cybercriminals to launch,” said Chris Hinkley, CISSP – a Senior Security Engineer at FireHost and a SecurityWeek columnist.
“For example, cross-site request forgery attacks and cross site scripting attacks are extremely automated and require very little knowledge to implement.”
In addition to CSRF attacks, Cross-site Scripting (XSS), SQL Injection, and Directory Traversal were also used in the Superfecta campaign.
Related Reading: What the Debates on Information Sharing Seem to be Missing
Related Reading: Threat Information Sharing – Fighting Fire with Fire
Related Reading: Combating Emerging Threats Through Security Collaboration
