Imperva research finds early signs of traffic recovery

The monthly report also showed retail traffic is peaking at Black Friday-level volume, application DDoS attacks increased in both volume and size, and the overall Cyber Threat Index score continues to be at a ‘high’ level. Key findings between April 1 and April 30, 2020 include: 

• COVID-19 continues to affect traffic and attack trends, but there are early signs of recovery. As the coronavirus crisis continues, Imperva Research Labs examines changes in traffic and attack trends across multiple industries and countries. In April, both the United States and China experienced overall growth in web traffic. Websites in the following industries saw the most significant changes over the previous month:
• Financial services: +18% in the U.S. and +45% in China
• Sports: +53% in the U.S. and +237% in China
• Travel: +25% in the U.S. and +90% in China
• Overall Cyber Threat Index score remains at a ‘high’ level. A 20% increase in the number of attacks in April pushed the index up by 15 points compared to the previous month. While the volume of attacks dipped for two months during COVID-19 shelter-in-place orders, in April they returned to a scale last seen in January 2020.
• Retail traffic reaches Black Friday volume. The global changes in consumer behaviour during the COVID-19 lockdown were evident in the increase in retail ecommerce internet traffic. During March and April, Imperva saw similar volumes of traffic normally reserved for the peak period around Black Friday and Cyber Monday, rising to as much as 30 billion requests in a week.
• Bot traffic is on the rise. Bot traffic accounted for more than 40% of traffic in web sites across three industries, including Society (58%)—which covers a range of businesses and services including philanthropy and community-oriented websites, Entertainment (56%), and Gaming (41%). In addition, bots were responsible for 80% or more of the attacks in the News (91%), Society (90%), Sports (87%), Retail (80%) and Finance (80%) industries. Learn more about malicious bots and how they plagued the internet as a whole in 2019 in Imperva’s ‘2020 Bad Bot Report: The Bad Bots Strike Back’.
• Increasing volume and size of application DDoS attacks. Imperva Research Labs registered four major application DDoS attacks, with more than 300k requests per second (RPS). The peak reached 334k RPS, which is second only to a 349K RPS DDoS attack Imperva Research Labs registered in November 2019. It seems that application DDoS attacks are becoming fiercer and more frequent.
• Python and Go are hackers’ favorite programming languages. Python (37%) and Go (28%) were the most dominant programming languages used by hackers to deploy cyber attacks.
• Growth in attacks from cloud services. Imperva Research Labs observed a 7.5% increase in attacks from different cloud services.

The Cyber Threat Index is a monthly measurement and analysis of the global cyber threat landscape across data and applications, and is based on data gathered from Imperva sensors all over the world—including over 25 petabytes of network traffic passing through the Imperva CDN per month.

With over one trillion total requests analysed and 21 billion application attacks blocked, it offers an unrivaled and comprehensive look at application security and provides an easy-to-understand score to consistently track cyber threat levels and observe trends over time. Viewers can dive deeper into the score and drill down for individual industries and countries, and also view historic Index scores.

“As consumers continue to adjust to new ways of living and browsing online during COVID-19 shelter-in-place orders, we’ve seen how it has impacted some industries more than others,” said Nadav Avital, Head of Security Research at Imperva.

“While financials, sports, and travel took major dips in web traffic in the beginning, we were pleased to see in April that traffic is now increasing in those sectors, showing promise that they are on the road to recovery. However, while the volume of attacks overall also dipped for two months in February and March, in April they returned to a scale last seen in January. This shows organisations must adopt a defense-in depth-strategy and continue to patch known vulnerabilities.”

The Cyber Threat Index was created by Imperva Research Labs, a premier research organisation for security analysis, vulnerability discovery and compliance expertise. The organisation provides round-the-clock research into the latest security vulnerabilities and is comprised of some of the world’s leading experts in data and application security.