TOKYO (PRWEB) July 08, 2020
-Period: April 1, 2020 - May 13, 2020
-Target: User accounts using "Shadankun" and "WafCharm"
-Method: Analysis of attack logs observed by "Shadankun" and "WafCharm"
■ Status of cyber-attacks around Golden Week 2020
Looking at the status of cyber-attacks on companies using CSC's services, "Shadankun" and "WafCharm", from April 1 to May 13, 2020, it can be seen that from Saturday, May 2nd to Monday, May 4th, the start of the Golden Week holidays, there was a sharp increase in the no. of attacks and after a brief decline from Tuesday, May 5th, it increased again for the holidays, starting Friday, May 8th. The total number of cyber-attacks detected between Friday, May 1st, and Sunday, May 10th was approximately 11.44 million. This is more than 1.5 times higher than the total of approximately 7.59 million cases from the same period in April 2020.
During the first half of Golden Week, there was an increase in the number of log-in attempts to the web server via other than the web, which are classified as "Cross-site scripting" and "Other". Throughout the second half of Golden Week, attacks against vulnerabilities in the software that makes up web servers, classified as "web attacks," increased dramatically. There was also a sharp increase in the number of "Traversal attacks" such as searches for critical files and high-level directories, although these attacks were a small percentage of the total.
In addition, a certain percentage of scans are routinely carried out by UserAgent, which seems to be a malicious bot or scan tool, as well as "SSRF (Server Side Request Forgery)", to target poor access control and improper security settings, which are among the top in OWASP Top 10 threats list.
Longer holidays, when there are likely to be fewer people in the office, tend to result in an increase in cyber-attacks, and this was evident in Golden Week 2020. As telework becomes more and more prevalent in more and more companies, the cybersecurity risks for companies will also increase as the offices will have an environment that resembles a long holiday period.
In order to protect corporate websites from the threat of cyber attacks, which are becoming increasingly important in the future, CSC plans to continue to make efforts to help build an environment in which users can use its services with peace of mind and protect the corporate business.
■ About Shadankun
Cloud-based WAF "Shadankun" is a web security service that detects and blocks cyber-attacks on websites and web servers. Utilizing Cyneural, an attack detection AI engine using deep learning, it detects general attacks as well as unknown attacks and false-positives at high speeds, while Cyhorus, one of the world's leading threat intelligence teams, quickly responds to the latest threats. Also, it has been ranked No. 1 in Japan in terms of adoption rate. *1
For more information, please visit https://www.shadan-kun.com/
■ About WafCharm
WafCharm is a service for automation of AWS WAF operations using AI & Big Data. It is equipped with an AI engine "WRAO" (Patent No. 6375047) that automatically selects the most optimal WAF rules using machine learning, based on trillions of Big Data cultivated through in-house developed cloud-based WAF “Shadankun”, which has No. 1 adoption rate in Japan. *1
The cyber threat information monitoring team of security researchers "Cyhorus" responds quickly to the latest threats, and by offering individual customization by top-class security engineers with flexible services tailored to the needs of customers, WafCharm has made AWS WAF operations easier for users. It is available to over 1 million AWS users in over 190 countries.
For more information, please visit https://www.wafcharm.com/en/.
■ About Cyber Security Cloud, Inc.
With an aim to create a secure cyberspace that people around the world can use safely, Cyber Security Cloud provides web application security services worldwide using the world’s leading cyber threat intelligence and AI technology. CSC is also certified as the 7th AWS WAF Managed Rules Seller in the world by AWS (Amazon Web Service) which boasts a 47.8% global cloud market share. *2
As a leading cybersecurity company, CSC plans to continue to strive to improve and develop new technologies and aim to be a company that can deliver effective security solutions to contribute to the information revolution.
For more information, please visit https://www.cscloud.co.jp/en/
*1： Market research on "cloud-based WAF services" (as of June 16, 2019) [Research by ESP Research Institute (May 2019 to June 2019)]
*2： Gartner(July 2019)･･･Worldwide Iaas Public Cloud Services Market Share, 2017-2018 (Millions of U.S. Dollars)