In the first half of 2025, the number of web attacks on Russian companies remained high — more than 600 million such attempts were recorded and blocked. At the same time, attackers chose different targets depending on the industry.
In the financial sector, hackers most often tried to gain remote control over company servers (RCE attacks), which allows not only stealing data, but also committing unauthorized transactions and spreading malware.
For the IT sector, the main threats were SQL injections — attacks in which databases are hacked, and massive scanning of vulnerabilities by bots.
In online retail, the main problem was XSS attacks — injecting malicious code into websites, with the help of which criminals steal customer data entered on store pages.
Experts note that RCE attacks require high qualifications and are usually associated with organized hacker groups. XSS attacks are especially dangerous in online commerce due to the large amount of user input, where attackers can discreetly intercept confidential information.
Understanding the specifics of threats for different industries helps companies more effectively protect their digital resources, preventing financial and reputational losses, as well as protecting customers from data theft.
Read materials on the topic:
Espionage and complex cyberattacks: how hacker attacks on industry and telecom have changed
