Web app attacks could be a serious security worry for your business this Christmas
Don't have a "crappy appy" Christmas this year, Imperva warns
Anyone unwrapping new devices this festive season is being urged to make sure all their apps are properly secured following fears that personal and business devices could be at risk.
A report from Imperva found that web app attacks on UK businesses have jumped by 251% since October 2019, with the end of the year in the run up to Christmas showing a particular rise.
Warning that organisations and consumers alike are at risk of suffering from a ‘crappy appy’ Christmas, the company is now warning users to stay alert over the holidays.
App attacks
In its report, Imperva studied 4.7 million web application-related cyber security incidents, finding that attacks are increasing, on average, by 22% each quarter, including a particularly worrying 67.9% surge from Q2 2021 to Q3 2021.
Remote Code Execution (RCE) and Remote File Inclusion (RFI) attacks, which target businesses’ websites and servers to steal information, compromise servers or even takeover websites and modify their content, saw a massive 271% increase, demonstrating the scale of threats businesses face.
This was also shown by the increase in data breaches, with a similar Imperva report suggesting half (50%) of all data breaches begin with web applications. And with more than 70% of web traffic now coming through APIs, businesses’ risk of exposure is only getting higher.
“The pandemic placed immense urgency on businesses to get all kinds of digital transformation projects live as quickly as possible, and that is almost certainly a driving factor behind this surge in attacks” says Peter Klimek, Director of Technology at Imperva.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
“The changing nature of application development itself is also hugely significant. Developments like the rapid proliferation of APIs and the shift to cloud-native computing is beneficial from a DevOps standpoint, but for security teams, these changes in application architecture and the accompanying increased attack surface is making their jobs much, much harder.”
- Here's our pick of the best endpoint protection software
Mike Moore is Deputy Editor at TechRadar Pro. He has worked as a B2B and B2C tech journalist for nearly a decade, including at one of the UK's leading national newspapers and fellow Future title ITProPortal, and when he's not keeping track of all the latest enterprise and workplace trends, can most likely be found watching, following or taking part in some kind of sport.