UKFast cyber-attack report reveals most vulnerable usernames
Hosting firm UKFast has released its first Threat Monitoring report, with data and insight from its Threat Monitoring service, which continuously analyses data to distinguish between potential security breaches and normal activity.
Data from the first 10 weeks of 2019 shows more than 5.5m malicious events across the platform, with 1.52m full attack attempts blocked in total, from a sample size of 181.5m total events analysed.
PHP web attacks nearly doubled when compared to the 10 weeks to 31st December 2018, and were the most common attack type seen, with 52,920, followed by SQL injection attempts and XSS (cross site scripting) attempts.
The USA, Russia and China have generated the most attack attempts throughout the lifetime of the service, although data from 2019 to date sees attacks from the UK climb into 3rd place ahead of China.
“We’re seeing a rising number of attempted PHP web attacks across the servers protected by Threat Monitoring. PHP is a popular programming language so it’s natural that we’re seeing a huge number of attacks on PHP applications and websites," said UKFast CTO Neil Lathwood.
“The use of pre-built plugins containing PHP vulnerabilities is also leaving businesses open to attack. Some of these plugins are not regularly updated by their developers and are leaving businesses open to some really significant vulnerabilities.”
The British hosting giant’s Threat Monitoring service, launched last year, now protects hundreds of businesses, and will publish a quarterly threat monitoring report with statistics, trends and insights to support the wider security industry.
Threat Monitoring includes host-based intrusion detection (HIDS), vulnerability scanning, file integrity monitoring (FIM), Rootkit detection and server baseline hardening.
The report also reveals the most common existing user names used in brute force attacks: