CONNECTING THE DEFENCE COMMUNITY WITH INSIGHT, INTELLIGENCE & OPPORTUNITIES

Officially Supported By: Defence Contracts International Supply2Defence

Official Media Partners for:

New findings from Positive Technologies reveal that 82% of web application vulnerabilities can be found within the source code.

Positive Technologies’ new report details web application vulnerabilities as well as statistics on cyberattacks and malware. Positive Technologies has released its report Web Application Vulnerabilities and Threats: Statistics for 2019, which found that 9 times out of 10, hackers can attack site visitors.

Web applications of financial institutions had the best security in 2019, with no systems in this industry receiving a ‘poor’ or ‘extremely poor’ security rating. Web applications of state institutions are the least secure.

Head of Information Security Analytics at Positive Technologies, Evgeny Gnedin, said: “Password-only authentication is a contributing factor in most authentication attacks.”

“Lack of two factor authentication makes attacks very easy. Users tend to use weak passwords, which makes matters even worse. Bypassing access restrictions usually leads to unauthorized disclosure, modification, or destruction of data.”

Attacks against users include infection of computers with malware (percentage of this type of attacks on individuals went up to 62% in the third quarter of 2019, versus 50% in the second quarter), phishing attacks aimed at obtaining credentials or other important data and posing as a legitimate user via clickjacking to drive up likes and views. The high percentage of errors in the source code suggests that source code is not being checked for vulnerabilities during development, signalling that developers give short thrift to security, instead of focusing on app functionality.

According to experts, 90% of web applications are vulnerable to attacks on clients. Cross-Site Scripting (XSS) remains a significant vulnerability, as in previous years.

If you would like to join our community and read more articles like this then please click here.

cyber attacks cyber security Development digital hack malware statistics

Post written by: Vicky Maggiani

Vicky has worked in media for over 20 years and has a wealth of experience in editing and creating copy for a variety of sectors.

RELATED ARTICLES

How defence contractors benefit from increased defence spend and strategic cross-border initiatives

October 21, 2024

International opportunities abound

How defence contractors benefit from increased defence spend and strategic cross-border initiatives, article submitted by Richard Tall, Hans Mehrens,

Constellia has announced that it has been awarded the NVFi (Neutral Vendor Framework for Innovation (NVFi) [Award]) by the MOD to compliantly and transparently increase speed and value for money in digital and innovation procurement as part of the MOD’s procurement reform.

September 18, 2024

Homeland - MOD appoints Constellia to accelerate procurement

Constellia has announced that it has been awarded the NVFi (Neutral Vendor Framework for Innovation (NVFi) [Award]) by the MOD