Websites do not miss this!

BANGALORE, INDIA: Indusface has released a list of important statistics related to information security that every website should be aware of.

Here is a list of important security stats that websites cannot afford to miss:

• Thirty thousand websites are hacked daily, which means that around 10 million sites are hacked in a year.
• 32,323 public Indian websites were hacked in 2014 with 14% Y-o-Y increase.
• 155 .GOV and .NIC domains were hacked last year.
  
  1,000,000,000 (a billion) personal records were stolen globally last year.
• Around 75% of the data breaches happen at the application layer.
  
  Last year, it was reported that 90% of mobile banking applications were vulnerable to attack.
• 156 million phishing emails are sent every day. The figure crosses 56 billion in a year.
• 16 million emails manage to pass the spam filters successfully every day. Around 800, 000 links in these spam emails are clicked on a daily basis.
  
  Phishing causes companies an estimated loss of $28.1 billion.
• One phishing attack is carried out every minute. 97% internet population cannot easily identify a sophisticated phishing mail. Advanced phishing attacks use social engineering to extract user information.
• SQL Injection was discovered 15 years ago but it is still the most dangerous vulnerability. It even tops the OWASP Top 10 list.
• Around 97% of all the data breaches across the world happen due to SQL Injection.
  
  91% of the websites detected with 'Critical' vulnerabilities tested by IndusGuard Web had SQL Injection vulnerability.
  
  Malware exists in computers of around 40% of the computer users. Malware is the top reason behind sites getting blacklisted by search engines and site index portals.
  
  There are more than 400, 000, 000 types of malware today. 80, 000, 000 types of malware have been identified recently.
  
  97% of all types of mobile malware affect Android devices solely.
• DDoS attacks cost banks up to $100, 000 per hour. 20% of such attacks last for days and even months.
  
  87% of the attacked companies were hit more than once.
  
  Competitors launch DDoS attacks to disrupt business on high sale volume days. It is impossible to detect and prevent all types of DDoS attacks unless traffic to the application is monitored continuously.
• The estimated cost of successful DDoS attack for a company is anywhere between $5,000 and $19,999 an hour.

The above data has been compiled by the Indusface Research Team from various sources including KPMG, The Dark Reading, Forbes, Government of Canada, besides other whitepapers, case studies and Indusface reports.