CERT Report April 2024
01. MONTHLY ATTACK TRENDS THROUGH STATISTICS
Attack Type Statistics
Attack type statistics lets you access statistical information on the top nine attack types that occurred in the previous month, including the progression of each attack in terms of increase and decrease, as well as attack progression by industry sector and country.
Monthly Attack Type Statistics
According to the attack type statistics compiled for March, the overall detection count reached 457,054 cases, representing an increase of 93,098 compared with the previous month. The most frequently attempted type of attack, Inject Unexpected Items, accounted for 47.4% of the overall ratio of attack types in March with a total of 216,609 cases, showing an increase of 85,062 cases compared with the previous month and climbing one rank to reach 1st place. Engage in Deceptive Interactions attacks ranked 8th with 35 cases, and Manipulate Timing State attacks ranked 9th with 0 cases, both maintaining the same rankings as the previous month. Subvert Access Control attacks rose one rank to reach 3rd place with 30,798 cases, and Abuse Existing Functionality attacks rose two ranks to reach 5th place with 6,214 cases recorded. On the other hand, Collect and Analyze Information attacks dropped one rank, falling to 2nd place with 166,450 cases, Manipulate Data Structures attacks dropped one rank, falling to 4th place with 29,940 cases, Manipulate System Resources attacks dropped one rank, falling to 6th place with 5,954 cases, and Employ Probabilistic Techniques attacks dropped one rank, falling to 7th place with 1,054 cases recorded.
Figure 1. Attack Type Ratio in March
Figure 2. Percentage of attack types in the past 12 months
| Rank | Attack Type | Fluctuation | February | March |
12 Months Percentage |
||
| Count | Ratio | Count | Ratio | ||||
| 1 | Inject Unexpected Items | ▲1 | 131,547 | 36.1% | 216,609 | 47.4% | 31.5% |
| 2 |
Collect and Analyze Information |
▼1 | 168,715 | 46.4% | 166,450 | 36.4% | 50.8% |
| 3 | Subvert Access Control | ▲1 | 27,606 | 7.6% | 30,798 | 6.7% | 7.4% |
| 4 | Manipulate Data Structures | ▼1 | 29,242 | 8.0% | 29,940 | 6.6% | 7.6% |
| 5 | Abuse Existing Functionality | ▲2 | 555 | 0.2% | 6,214 | 1.4% | 1.4% |
| 6 |
Manipulate System Resources |
▼1 | 4,932 | 1.4% | 5,954 | 1.3% | 0.9% |
| 7 |
Employ Probabilistic Techniques |
▼1 | 1,356 | 0.4% | 1,054 | 0.2% | 0.4% |
| 8 |
Engage in Deceptive Interactions |
– | 3 | 0.0% | 35 | 0.0% | 0.0% |
| 9 | Manipulate Timing State | – | 0 | 0.0% | 0 | 0.0% | 0.0% |
| Total | 363,956 | 100% | 457,054 | 100% | 100% | ||
Table 1. Attack type statistics in March
※ Analytical events are categorized into nine attack types based on attack patterns
※ Total ratio is calculated by rounding
The progression of attack types over the past three months is as follows.
Figure 3. Trend of attack types in the last 3 months
