In the first half of 2025, Russian companies faced 600 million web attacks, exceeding last year's figures. The financial sector was the most vulnerable, with 4.1 million attacks per organization. Hackers most often use RCE attacks (remote code execution), which account for 24% of incidents. These attacks allow them to seize control of the server infrastructure, gain access to customer data, and conduct unauthorized transactions.
Such attacks are quite difficult to implement, so they are most often carried out by highly qualified hackers or even APT groups, which significantly exacerbates the situation. Unlike "amateurs," these cybercriminals always have clear and large-scale goals, and if they successfully exploit an RCE vulnerability, they can cause serious financial and reputational damage to the victim.
IT Companies Suffer from SQL Injections
The IT sector ranked second in the number of attacks — 2.6 million per company. SQL injections (20% of attacks) predominate here, compromising databases with information about customers and infrastructure. Bots scanning for vulnerabilities also account for 20% of threats. This indicates preliminary data collection before an attack.
SQL injections are especially dangerous for IT outsourcers who store confidential customer data, such as API keys and source codes. Leaking such data can become the basis for attacks on other organizations.
Online Retail Loses Customer Data
In online commerce and media, there were 1.2 million attacks per company. Half of the threats to retail are XSS attacks (cross-site scripting). Attackers embed malicious code into interactive elements of websites, such as search bars or payment forms, to intercept user data: logins, passwords, card numbers.
The abundance of user input and dynamic content makes XSS attacks a pressing problem for e-commerce. In addition, it is difficult for the average user to notice content substitution and recognize the phishing component of a web application.
General Trends and Protection
XSS attacks lead among all industries, accounting for 25% of threats, followed by RCE (14%) and Path Traversal (11%). The data was collected based on an analysis of 170 large organizations using the Webmonitorx platform to protect web applications and APIs.
Earlier, www1.ru reported that hackers had switched to targeted attacks on Russian industry.
Read more materials on the topic:
Hackers switch to targeted attacks: industry at risk
Summer phishing: what sites do fraudsters use to disguise malware from June to August
Security under threat: criminals extort money under the guise of applying for a Schengen visa
