Threat Detection

Monthly Analysis - January - April 2022 | Managed Web Hosting

Please note that starting from March 2022 we are changing to a quadrimester report format (every 4 months). The next report is scheduled for publication on September 15th, 2022. This approach will enable us to better identify data patterns and long-term trends.

Click the images below for a larger view:

First Row Left - Based on our traffic analysis for January to April 2022, see the top 10 countries classified as origin of web server attacks.
First Row Right - Geovisualization of web server attacks during the same period, across the 112 countries classified as origin of such attacks.
Second Row Left - Analysis of IP addresses identified as trying to hide their identity, classified in 4 categories - Hosting, Proxy, VPN, and TOR Exit Nodes.
Second Row Right - Cloud service providers classified as origin of web server attacks during the months of January to April 2022. These 6 providers accounted for 29% of the total attacks for the month.
Third Row Left - Geovisualization of web server attacks originating from the Amazon Web Services (AWS), during the months of January to April 2022.
Third Row Right - Geovisualization of web server attacks originating from the Google Cloud Platform (GCP), during the months of January to April 2022.
Fourth Row - Analysis of web server attacks identified as either of a Residential (40%) or Non-Residential origin (60%). We clasify as Non-Residentials those addresses that are identified as Hosting, Business, Government, Schools, and others.

Highlights

  • USA remains the principal source of web server attacks.
  • Most common type of web server attack for this period: Brute-force password guessing.
  • Amazon Web Services remains the principal source of web server attacks across all the major cloud providers.
  • Attacks from Amazon and Google clouds represented 87% of the total number of attacks across all cloud providers.
  • The top ten countries out of 112 classified as origin of web server attacks accounted for 73% of the total attacks for the months of January to April 2022.
  • IP addresses identified as anonymous (trying to hide their identity) accounted for 60% of the total web server attacks.
  • Websites built on the WordPress and Joomla CMS platforms continue to be the most attacked. We estimate that 82% of attacks recorded during this period were directed to these platforms.

Gain the unfair advantage™

Contact us!