Amazon Cloud Services Used More Often in Web Attacks; WordPress is the Most Targeted CMS

Amazon`s Cloud Services have been increasingly used in web attacks as the trend has increased over the past year, according to Imperva`s Web Application Attack Report.

While most web application attacks have been generated from the US, the report also revealed that Infrastructure as a Service (IaaS) providers generated more web attacks due to their increased market share.

“This is an interesting beginning to what could become a trend in security, where attackers use cloud-provided public infrastructure, either by employing it themselves, or by hijacking some other organization`s account, and elevating attacks from these platforms,” the report stated.

“Since cloud infrastructure is usually designed to be highly available and distributed globally, it makes it very effective for hackers to elevate large scale attacks such as DDoS attacks from these platforms.”

Thus 20 per cent of all vulnerability exploitation attempts and 10 per cent of all SQL injection attempts originated from Amazon Web Services.

At the other end, WordPress was most targeted content management system in 2014 as its increased popularity among internet users led to increased attention by hackers and a large amount of vulnerabilities.

WordPress suffered 24.1 per cent more attacks and 60 per cent more cross site scripting (XSS) incidents than all others content management systems combined

Compared to last year, overall malicious traffic and attackers` behavior increased and significantly changed, with SQL Injection attacks up by 44 per cent and remote file inclusion attacks by 62 per cent.