Redwood Shores, CA – August 16, 2011 – Imperva, a pioneer and leader of a new category of data security solutions for high-value business data in the data center, today released the latest research from its Hacker Intelligence Initiative (HII). The August 2011 HII Report details how hackers are leveraging the power of search engines, like Google, to successfully carry out automated cyber attacks against vulnerable websites.

Dubbed “Google Hacking,” hackers armed with a browser and specially crafted search queries (“Dorks”), are using botnets to generate more than 80,000 daily queries, identify potential attack targets and build an accurate picture of the resources within that server that are potentially exposed. By automating the query and result parsing, the attacker can carry out a large number of search queries, examine the returned results and get a filtered list of potentially exploitable sites in a very short time and with minimal effort. Because searches are conducted using botnets, and not the hacker’s IP address, the attacker’s identity remains concealed.

“Hackers have become experts at using Google to create a map of hackable targets on the Web. This cyber reconnaissance allows hackers to be more productive when it comes to targeting attacks which may lead to contaminated web sites, data theft, data modification, or even a compromise of company servers,” explained Imperva’s CTO, Amachai Shulman. “These attacks highlight that search engine providers are need to do more to prevent attackers from taking advantage of their platforms.”

Report highlights include:

• Detailed steps on how an industrialized botnet attack is carried out;
• Deep dive into a specific botnet attack on a popular search engine observed from May 2011 to June 2011 where the volume of attack traffic was significant: nearly 550,000 queries (up to 81,000 daily queries, and 22,000 daily queries on average) were requested during the observation period.
• Recommendations for search engine providers to combat these attacks
• Recommendations for businesses to protect vulnerable applications

The August 2011 HII Report can be downloaded here and further insight can be found on Imperva’s blog.

About Imperva

Imperva is a pioneer and leader of a new category of data security solutions for high-value business data in the data center. With more than 1,300 end-user customers and thousands of organizations protected through cloud-based deployments, Imperva’s customers include leading enterprises, government organizations, and managed service providers who rely on Imperva to prevent sensitive data theft from hackers and insiders. The award-winning Imperva SecureSphere identifies and secures high-value data across file systems, web applications and databases. For more information, visit www.imperva.com, follow us on Twitter or visit our blog.

Forward Looking Statements

Certain statements contained in this press release may be forward-looking statements made pursuant to the safe harbor provisions of the Private Securities Litigation Reform Act of 1995. Any such statements that are not purely historical are forward-looking statements, including, without limitation, statements regarding trends or projections related to our business and our expectations, beliefs, intentions or strategies regarding the future. These statements are subject to known and unknown risks, uncertainties and other factors, which may cause our actual results to differ materially from those implied by the forward-looking statements. We undertake no obligation to update any of the forward-looking statements contained herein after the date of this presentation, whether as a result of new information, future events or otherwise.

# # #

Imperva and SecureSphere are registered trademarks of Imperva, Inc. All other brand or product names are trademarks or registered trademarks of their respective holders.

Press Contacts

Investor Contact

Seth Potter
ir@imperva.com
Tel: (650) 832-6032