Global threat data from NTT Com Security shows a quarter of all attacks in the UK targeted at web services and applications
Country breakdown reveals range of serious security incidents in 2013
A comprehensive analysis of security alerts in 2013 reveals that a quarter of all attacks in the UK were application specific attacks or targeted at web applications. This is according to a country-by-country breakdown of threat data from global information security and risk management company NTT Com Security’s security operations centres (SOCs) around the world.
The local data shows that most web application attacks occurred through cross-site scripting (XSS) and SQL injection attacks, although sensitive data exposure is also highlighted as a cause for concern in the UK market. Other notable forms of security attack in the UK include reconnaissance attacks – where an attacker gathers information about weaknesses and vulnerabilities in a network or system – representing nearly a third (31%) of all attacks.
“Given the range of serious security incidents analysed in this data, together with recent major attacks like Heartbleed, what’s particularly worrying is that many organisations do not have a proper incident response team in place and are therefore leaving themselves dangerously exposed,” explains Nick Williams, UK Managed Security Services Solutions Manager at NTT Com Security.
“Our global threat intelligence (GTIR) report released earlier this year revealed that 77% of organisations worldwide have no incident response plan in place, and that the costs associated with responding to incidents are often significantly higher than they should be due to inadequate planning and lack of formal training. Appropriate response planning and procedures are absolutely critical for minimising the impact of an attack, so companies need to raise their game to enable them to be prepared and to test those capabilities.”
NTT Com Security, which delivers Managed Security Services – including providing threat intelligence and analysis to global customers via its SOCs – under its WideAngle brand, believes that every organisation should be asking themselves what the potential impact of a security incident would be on their business and whether they have the capabilities to provide a proactive approach to security monitoring and incident management.
Other data highlights:
- Market sectors most vulnerable to attack in the UK: One third of all attacks are targeted at Technology companies, followed by Transportation (14%), Manufacturing (13%) Healthcare (13%), Finance (7%), Government (5%) and the Energy & Utilities sector (3%).
- Malware attacks by industry show that the majority are targeted at Technology companies (59%) in the UK – Manufacturing is highest in France (44%) and Finance in Sweden (27%).
- Botnet activity by country shows the Technology sector again leading in the UK (48%), Energy & Utilities in France (65%), Finance in Norway (33%) and Finance (40%) in Sweden.
The security data is sourced primarily from NTT Com Security’s security operations centres (SOCs) located in Norway, Sweden and the UK. Data from Germany, France and the Netherlands is also included, with additional customer information sourced from sensors located around the world.
About NTT Com Security
NTT Com Security (formerly Integralis) is a global information security and risk management organisation, which delivers a portfolio of managed security, business infrastructure, consulting and technology integration services through its WideAngle brand. NTT Com Security helps organizations lower their IT costs and increase the depth of IT security protection, risk management, compliance and service availability. NTT Com Security AG, is headquartered in Ismaning, Germany and part of the NTT Communications Group, owned by NTT (Nippon Telegraph and Telephone Corporation), one of the largest telecommunications companies in the world.
For more information, visit http://www.nttcomsecurity.com