Tuesday, 23rd October 2018

86% of websites at risk from hackers for simple security oversight

Security scans performed on 218,000 Magento websites, the most popular e-commerce platform, revealed 86% are missing critical security patches, according a leading cyber security consultancy.

The survey carried out last month by Foregenix focused on SME company websites globally, including around 15,000 in the UK, also revealed 2% of the websites analysed are compromised and currently being harvested for their customers' data.

The cyber security company, which is renowned globally for its work on payment security, has an active threat intelligence team researching and analysing attack trends, with a strong focus on the e-commerce sector. Recent research identified a growing global trend for brute force attacks in the first half of the year.

Benjamin Hosack, co-founder and chief commercial officer of Foregenix, said: ‘The rise in cybercrime threatens to undermine confidence in e-commerce, especially in markets leading the way in online sales such as the US and UK. While heavy penalties by card providers put many smaller traders at risk.

‘Magento and other e-commerce platforms release regular software updates in response to vulnerabilities. These security patches, if not used, can leave websites highly vulnerable to hacking.

‘Online businesses often assume web developers and agencies take care of security. Design agencies are great at producing beautiful, transactional websites that sell, but their expertise on security issues generally isn't as well developed. Agencies and their clients need to be aware of e-commerce security issues, as even a single breach can be devastating for a small business.

‘Simple precautions can make a real difference to reducing a company's risk from criminals such as changing default settings on the administration interface and using stronger passwords. Risk can never be entirely eliminated, so companies should also consider investing in a cyber insurance policy.‘

Any business that wants to know whether its website is secure can scan externally for free, using the same technology that detected the issues above at http://webscan.foregenix.com.

Bitdefender invests to deepen customer protection, enhance technology and expand portfolio well beyo...
Tessian’s machine intelligence automatically prevents security threats like spear phishing, misaddre...
Despite 59% of cybersecurity professionals saying the widening workforce gap puts their organization...
Glasswall Solutions is working with the National Cybersecurity Center of Excellence (NCCoE) at the U...
From patient data to time-critical communications. Lives depend on reliable information sharing in t...
Thycotic has released the findings from its 2018 VMworld survey of more than 250 IT operations prof...
The majority of executives (87%) around the world cite untrained staff as the greatest cyber risk to...
Duo Security and Exabeam have partnered to enhance and accelerate organizations’ threat protection w...