News

  • Report

Share

Facebook Twitter linkedin
2021.10.04

Cyber Security Cloud Announces Cyber-Attack Detection Report for August 6-15, Including Corporate Obon Holidays ~Cyber-attacks increased by about 1.2 times during the target period~

Cyber Security Cloud, Inc. (Headquarters: Shibuya-ku, Tokyo, Representative Director, President and CEO: Toshihiro Koike, hereinafter “our company”) announced that in August 2021, the system manager will be absent for a long period of time due to holidays and the Obon holiday. We will announce the cyber attack detection report for the period from August 6th to August 15th, when the security system tends to be weak. In addition, this data is the attack log observed by "Shadankun", Cloud-based WAF that visualizes and blocks cyber-attacks on websites provided by our company, and "WafCharm", an automated operation service for AWS WAF and Azure WAF. are aggregated, analyzed and calculated.

<Survey overview>
・ Survey period: August 6, 2021 to August 15, 2021
・Survey target: User accounts using “Shadankun” and “WafCharm”
・Investigation method: Analysis of attack logs observed by “Shadankun” and “WafCharm”

20% increase in cyberattacks from August 6, 2021 to August 15, 2021, including the Obon holidays
This time, we will target the period from August 6th to August 15th (10 days), which includes the Obon holidays, from August 6th, just before the system staff will be absent for a long period of time due to holidays and Obon holidays, and the security system will likely be weak. We have analyzed the number of cyberattacks detected. During the survey period, a total of 11,651,377 attacks were detected against companies using our services (" Shadankun" and "WafCharm"). In addition, 6,020 attacks were detected per sid (sid = Security Identifier: a security identifier that uniquely identifies network user accounts, groups, etc.). This is about 1.2 times (120.1%) compared to the number of detections in the 10 days immediately preceding the survey period (July 27th to August 5th). Also, in the 10 days immediately after the survey period (August 16th to August 25th), the number decreased by about 20% from the period including the Obon holidays.

Also, when comparing the attacks detected during the survey period by day, the number of attacks detected on August 6, just before the weekend, was the highest at 908 per sid.

From the results of these surveys, during long vacations, system personnel are often absent for a long time and security systems are often weak, making it easier for malicious third parties to target them. It is thought that it is necessary to further strengthen vigilance just before.

■ “SQLInjection” spikes during holidays
Among the detected attacks, we found that "SQLInjection", which intentionally exploits security flaws in applications to illegally operate systems, increased significantly during weekends and other holidays. The number of "SQLInjection" detections during the survey period was 1,337,031, and when compared by day, the number of detections on August 8th, which is Sunday during the Obon holiday, was the highest at 213,214, followed by August 7th, a public holiday. The number of attacks detected was high on August 9-10 and Saturday, August 14. Furthermore, comparing the number of attacks detected on weekends and the average number of attacks detected on weekdays, the number of attacks detected on weekends is more than 1.5 times (172.8%) higher than on weekdays.

■ Attacks targeting vulnerabilities in “WordPress Plugin” increased
Among the detected attacks, there was an increase in attacks targeting vulnerabilities in "WordPress Plugin", a tool for extending WordPress functions. The number of attacks detected during the survey period was 394,521, which is about twice as many (196.0 %).

[About Cloud-based WAF “Shadankun”]
https://www.shadan-kun.com/

Cloud-based WAF "Shadankun" is a web security service that visualizes and blocks cyber-attacks on websites and web servers. Utilizing the attack detection AI engine "Cyneural" that uses deep learning, it not only detects general attacks, but also discovers unknown attacks and false positives at high speed, and has the world's leading threat intelligence. The team "Cyhorus" responds quickly to the latest threats. The number of companies and sites that have introduced it is ranked first*1 in Japan, and it is used regardless of the size of the company.

[About “WafCharm”]
https://www.wafcharm.com/

“WafCharm” is a service that can automatically operate a WAF provided by a public cloud with “AI” and “big data”, which is the number one installed user in Japan*2, and has a large share in the cloud service market. provided by AWS and Microsoft Azure. Equipped with the AI engine “WRAO*3” (Patent No. 6375047) that automatically operates the optimal WAF rules using machine learning, it has the highest number of sites and companies that have installed it in Japan. Utilizing the cumulative total of over 2.1 trillion big data cultivated by the proven cloud-based WAF "Shadankun", we automatically apply the optimal rules for each customer. The cyber threat information monitoring team "Cyhorus" responds quickly to the latest threats. We also provide technical support*4 based on our signature customization know-how, which is one of the best in Japan.

[About Cyber Security Cloud, Inc.]
Company name: Cyber Security Cloud, Inc.
Location: VORT Ebisu maxim 3F, 3-9-19 Higashi, Shibuya-ku, Tokyo 150-0011
Representative: Toshihiro Koike Representative Director, President and CEO
Established: August 2010
URL: https://www.cscloud.co.jp/

*1 Source: Market research on “Cloud-based WAF service” (as of June 16, 2019) <ESP Research Institute> (May 2019-June 2019 survey)
*2 Survey by Japan Marketing Research Organization Survey overview: Fiscal year ended July 2020_Actual survey
*3 Only AWS WAF classic is supported
June 2019 survey)
*4 Applicable only to some plans