Applications have become the focal point of the Internet, the workhorses behind organizations of all types. Attackers have figured this out, and they target applications more than anything else (besides people). This research series ties together trends and data from a number of perspectives to give an overall picture of the application security threat landscape.
DDoS Attack Trends
Distributed denial-of-service attacks soared in complexity and size during 2021. We saw our largest ever attack at just under 1.4 Tbps, and saw DDoS attacks larger than 250 Gbps grow by 1300%. Threat actors are increasingly turning to DDoS to pressure ransomware victims to pay up.
In Expectation of Exfiltration
Attacker behaviors continue to evolve, sometimes in predictable ways, sometimes not. This 2022 report covers the ongoing growth of malware (including ransomware), a newfound emphasis on data exfiltration, the continuing dominance of formjacking attacks, and detailed recommendations for mitigating these vectors.
Of Sectors and Vectors
Our first supplemental piece to the 2021 Application Protection Report is a detailed examination of how attack chains vary by targeted industrial sector. This also provides some insight into how sectoral analyses compare with other kinds of security intelligence and how best to use them.
Of Ransom and Redemption
We dive ever deeper into the changing threat landscape, unpacking the evolution of formjacking to fit a wider target profile, as well as the evolution of ransomware from a niche attack to the latest default. We also analyze and visualize attack chains in greater detail using the ATT&CK framework.
Click through the animations below to understand how different attacks unfold.
