Imperva Research Labs shows significant changes in web traffic during COVID-19 pandemic

Based on a weekly average compared to Jan. 19, 2020 traffic, industries that experienced an increase in web traffic from March 1 through March 22, 2020 include:

• News (+64%)
• Food and beverages (+34%)
• Retail (+28%)
• Gaming (+28%)
• Law and government (+17%)
• Education (+17%)

Industries that faced a decrease in web traffic from March 1 through March 22, 2020 include:

• Sports (-46%)
• Adult (-42%)
• Travel (-41%)
• Automotive (-35%)
• Financial services (-7%)
• Gambling (-3%)
• Healthcare (-3%)

The Cyber Threat Index is a monthly measurement and analysis of the global cyber threat landscape across data and applications, and is based on data gathered from Imperva sensors all over the world—including over 25 petabytes of network traffic passing through the Imperva CDN per month. With over one trillion total requests analysed and 21 billion application attacks blocked, it offers an unrivalled and comprehensive look at application security and provides an easy-to-understand score to consistently track cyber threat levels and observe trends over time. Viewers can dive deeper into the score and drill down for individual industries and countries, and also view historic Index scores.

The preview of the March 2020 Cyber Threat Index is available at https://www.imperva.com/blog/COVID-19-surge-in-online-traffic-increases-risk/.

In addition, Imperva also released its complete February 2020 Cyber Threat Index. The report revealed increased spikes in attacks against government and law sectors as the United States launched its Democratic primaries, and early signs of change in industry traffic and attack trends due to COVID-19. Key findings between Feb. 1 and Feb. 29, 2020 include:

• First sign of shift in web usage as COVID-19 spreads globally. During the month of February, Imperva began monitoring how and if the cross-border spread of COVID-19 started to affect traffic and attack trends across multiple industries and countries. Traffic changes were detected in the News (+10%), Travel (-5%) and Finance (-5%) industries, however there were no major changes in the amount of attacks per industry and country.
• The United States and New Zealand both experienced spikes in attacks on government and law sectors. Within the United States, there was a 10% increase in the average number of attacks per site in these sectors, as Democratic primary election picked up. The top three countries of origin outside of the United States were Russia (22%), Ukraine (12%) and China (9%), and 99% of attacks overall were carried out by bots. Additionally, New Zealand experienced an 800% spike in attacks on Feb. 17 and 18.
• Web attacks originating from cloud platforms saw a 27% decline for the second month in a row. While attackers are still using cloud platforms to disseminate attacks, there was a 20% increase in attacks originating from web hosting services.
• India is the country with the highest number of spam attacks. Comment spam attacks in India are twice as popular than those in other frequently spammed countries, including Canada, Spain, the United Kingdom and the United States.

“This new research from the Cyber Threat Index is a testament to the rapidly changing security landscape, and we can expect to see some of these threats—particularly attacks on government and law sectors—continue to proliferate as we inch closer to the 2020 U.S. presidential election,” Nadav Avital, head of security research at Imperva. “Government websites will only become an even bigger target to malicious actors, so organisations must prepare now before it’s too late. We’ll continue to monitor how this space evolves and provide recommendations for the right course of action.”

The February 2020 Index score of 782—on a scale of zero to 1000—is the highest to date, rising from 776 in January 2020.