Imperva security stats confirm even hackers love a World Cup thriller

The 2014 World Cup soccer grand final between Germany and Argentina was so popular around the world that even hackers took time off from their depredations to watch, a traffic analysis from Imperva has revealed.

A time-based analysis of attack figures, garnered from Imperva's cloud-based security monitoring infrastructure, found that while the frequency of hack attacks increased during non-finals World Cup matches, during the July 13 grand final there was a lull as attack frequency dropped to just 2 percent of its normal volume.

Almost without exception, the frequency of attacks and malware campaigns increased before quarterfinal and semifinal matches. For example, the July 5 Argentina-Belgium quarterfinal match saw 9630 attacks per hour before the game, 9481 attacks per hour during the game and just 5175 attacks per hour after the game.

The post-game figure was still more than twice the 2125.5 attacks per hour that would normally be observed during a comparable timeframe.

By contrast, there were just 149 attacks per hour before the final, 160.5 per hour during the match, and 34 per hour afterwards.

These figures suggest a strong affection amongst the hacker community for the German World Cup team, with attacks surging after the team's 1-0 quarterfinal win over France on July 4.

There were 3517 attacks per hour recorded in the leadup to the game and 3917 attacks per hour during the match, but 14,715 attacks per hour in the wake of the match – suggesting an attempt to cash in on fans' enthusiasm about the team's progression.

Barry Shteiman, director of security strategy with Imperva, took the figures as a reminder that CISOs need to be particularly vigilant during high-profile events as they confirmed that hackers were riding waves of interest created by broadly-popular events.

“The only logical thing to do now is to congratulate Germany on winning the World Cup, and make sure that CIOs are adding more resources to their security operation centres,” Shteiman said.

“They need to ensure that their staff can still monitor security events while the World Cup or other popular events are happening. It seems that hackers are leveraging this time window.”

This article is brought to you by Enex TestLab, content directors for CSO Australia.