You are here: Home » Technology » News
Business Standard

Cybercriminals using automated tools to launch attacks: Report

Cybercriminals targeting web applications have grown more reliant on automated tools, a report said on Wednesday

cybercrimes | cybersecurity | Hacking

IANS  |  New Delhi 

Sebi embraces new-age tools for information to prevent insider trading
Representational image

Cybercriminals targeting web applications have grown more reliant on automated tools as nearly 20 per cent of the attacks detected were fuzzing attacks, trying to find the points at which applications break to exploit, a report said on Wednesday.

Fuzzing is the usually automated process of finding hackable software bugs by randomly feeding different permutations of data into a target programme until one of those permutations reveals a vulnerability.

The cloud-enabled security solutions provider Barracuda Networks that analyzed a sample of two months of blocked data on web application attacks in the month of November and December, found that the top five attacks using automated tools were fuzzing attacks, injection attacks, fake bots, App DDoS and blocked bots.

"While analyzing the current state of encryption, our researchers identified that even though it can prevent a variety of attacks like man-in-the-middle, and provides one layer of protection for users visiting websites, attacks can still occur within the stream," Murali Urs, Country Manager-India, Barracuda Networks, said in a statement,

After fuzzing attacks, injection attacks were the next at about 12 per cent, and most of the attackers were using automated tools like sqlmap to try getting into the applications.

Automated attacks use bots to try to exploit vulnerabilities in web applications. These attacks can range from fake bots posing as Google bots to avoid detection to application DDoS trying to crash a site by subtly overloading the application, the report said.

Bots pretending to be a Google bot or similar accounted for just over 12 per cent of the web application attacks. Application DDoS (distributed denial of service) was surprisingly dominant, making up more than 9 per cent of the sample the team analyzed.


An overwhelming number of data exfiltration attempts seen in the sample were for credit card numbers and social security numbers, etc.

Visa was the clear focus, accounting for more than three-quarters of these attacks. This was followed distantly by JCB with more than 20 per cent and Mastercard, Diners, and American Express at much smaller volumes, the report said.



(Only the headline and picture of this report may have been reworked by the Business Standard staff; the rest of the content is auto-generated from a syndicated feed.)

Dear Reader,

Business Standard has always strived hard to provide up-to-date information and commentary on developments that are of interest to you and have wider political and economic implications for the country and the world. Your encouragement and constant feedback on how to improve our offering have only made our resolve and commitment to these ideals stronger. Even during these difficult times arising out of Covid-19, we continue to remain committed to keeping you informed and updated with credible news, authoritative views and incisive commentary on topical issues of relevance.
We, however, have a request.

As we battle the economic impact of the pandemic, we need your support even more, so that we can continue to offer you more quality content. Our subscription model has seen an encouraging response from many of you, who have subscribed to our online content. More subscription to our online content can only help us achieve the goals of offering you even better and more relevant content. We believe in free, fair and credible journalism. Your support through more subscriptions can help us practise the journalism to which we are committed.

Support quality journalism and subscribe to Business Standard.

Digital Editor

First Published: Wed, February 17 2021. 14:50 IST