In the first half of 2025, the number of web attacks on Russian companies remained high — more than 600 million such attempts were recorded and blocked. At the same time, attackers chose different targets depending on the industry.
In the financial sector, hackers most often tried to gain remote control over company servers (RCE attacks), which allows not only stealing data, but also committing unauthorized transactions and distributing malware.
For the IT sector, the main threats were SQL injections — attacks in which databases are hacked, and mass scanning of vulnerabilities by bots.
In online retail, the main problem was XSS attacks — the introduction of malicious code on websites, with the help of which criminals steal customer data entered on store pages.
Experts note that RCE attacks require high qualifications and are usually associated with organized hacker groups. XSS attacks are especially dangerous in online commerce due to the large amount of user input, where attackers can imperceptibly intercept confidential information.
Understanding the specifics of threats for different industries helps companies more effectively protect their digital resources, preventing financial and reputational losses, as well as protecting customers from data theft.
Read materials on the topic:
Espionage and complex cyber attacks: how hacker attacks on industry and telecom have changed
