Cloudbric and Penta Security Systems Releases Annual WATT (Web Application Threat Trend) Report

The  Web Application Threat Trend Report (WATT report)  is an annual report, complied with the log data from Penta Security’s WAPPLES, and Cloudbric’s cloud-based WAF (Web Application Firewall). This report only contains data that customers have agreed to share. 

The main purpose of this report is to find out possible future web attack patterns through the latest attack trends and show how our WAF service can help you stay protected from cyberattacks. 

Industry trend 

Industry targetBased on our research, the industry with the highest percentage of cyberattacks during the first half of 2020 is in the order of broadcasting and communication industry (38.88%), public administration (26.33%), education (17.15%), retail and manufacturing (12.13%), and online shopping (5.51%). Due to the COVID-19 pandemic, the use of online lectures and media has grown significantly and that is one big reason why hackers are targeting industries related to it. Companies must pay extra attention and plan multiple security measures to protect sensitive data from leaking to hackers especially during times like this. But hackers are not just after company sensitive data but also personal information too. If you want to keep your business up and running it would be best for you to prepare your company with the proper tools and plans

Country trend 

country trendHackers have been setting their origin of cyberattacks as countries that have active economic activities and frequent intercontinental information exchanges. And just like last year’s WATT report, America and Europe ranked second and third for the countries where cyberattacks originated the most. The two types of cyberattacks that ranked the highest in America were SQL injection (26.58%), and request header filtering (26.16%); and in Europe, request header filtering (33.84%) and SQL injection (27.13%). To go deeper into countries, we have compared countries from America and Europe. Based on the data, extension filtering and request header filtering are the two most common web attacks in both continents. But request header filtering and SQL injection still rank pretty high in both America and Europe. 

Variation trend in the number of malicious IPs 

malicious IPIn our WATT report, we have defined malicious IPs as the ones that engage in attacks more than 3,000 times a month. A single attacker can use multiple malicious IPs to attack a server but a single malicious IP  can also be used to cause significant damage to a server. The graph above also shows the frequency and severity of the attack. By looking at the graph we can see that there was a sudden increase starting from April, where COVID-19 started to spike and record a high number of cases. Some common attacks that happened during this time are phishing scams related to COVID-19, hacking remote working workers, and lastly hacking healthcare providers and organizations including WHO


There is no place in this world where it is completely safe from cyberattacks, meaning that everyone and every country must take web security seriously.  It is essential to prepare yourself and your company for various cyberattacks, and inspect the risks and plan on ways to respond quickly and accurately. So, how should you prepare for it? First, adopting a web application firewall (WAF) can help reduce the possibility of getting attacked. Visit our site for more information! To download the full report visit: