Hacking Incidents 2009 – Interesting Data

There is a project called the Web Hacking Incident Database (WHID), which collects data and statistics on web-application-related security incidents. I was just looking into their report called The Web Hacking Incident Database 2009, which has some pretty interesting statistics in it.

In order to judge the results and statistics of this database, we have to make sure we understand the contributors and where they come from:
Therefore the output will definitely have some US-centricity but is nevertheless interesting.

It is no secret that the attackers go for money. Cybercrime went from cool to cash! If you look at what the attackers did after a successful attack, it proves this statement once more:

But how do they get in? How does a hacker actually attack a web application? Again, not a lot of surprise here, more a confirmation of what we know already:

I think having SQL Injection on top should not surprise anybody who is working in this space.

So, it is definitely worth looking at in order to get a better picture from a security intelligence point of view.

Roger
