About 53% of web application attacks in the retail attacks involved SQLi attacks, compared with just 27% across all other sectors.
Online retailers are suffering twice the amount of injection attacks as other industries, according to the latest web application attack report from Imperva.
The study of 70 web applications revealed that SQLi attacks are particularly prevalent and intense for web applications in retail.
The research found that 53% of web application attacks in the retail attacks involved SQLi attacks, compared with just 27% across all other sectors.
The research also found that the average web application received 749 individual attack requests per attack incident during a six month period, while the average duration per incident was 22 minutes, with the longest attack recorded at just over 9.5 hours.
Some applications received over 3,000 attacks, while some incidents were made up of as many as 148,000 individual attacks.
Amichai Shulman, CTO at Imperva, said that organisations should base security measures on the worst case scenario, not on the average case.
"This report demonstrates that the automation and scale of attacks leave a large footprint that can be better addressed by looking at data gathered from a large set of potential victims. Thus it is important to rely on one’s peers to acquire intelligence on malicious sources and apply this intelligence in real time," she added.