In the race to produce user-friendly interfaces and customer-centred apps, businesses are leaving their data wide open to cyber criminals. The Web Application Vulnerability Report 2015 from security vendor Acunetix has found nearly half of web apps contain a high security vulnerability.
The new report on 5,500 companies comprising 15,000 website and network scans, performed on over 1.9 million files by Acunetix’s cloud-based Online Vulnerability Scanner, finds nearly half (46%) of the web applications scanned contained a ‘high security’ vulnerability such as XSS or SQL Injection, while almost 4 in 5 (87%) were affected by a ‘medium security’ vulnerability.
Many scans also found that the main superbugs of 2014, especially POODLE, have not been patched, and 50% of the organisations scanned would fail to comply with the financial industry’s PCI Data Security Standards.
When it comes to network vulnerabilities, administrators are performing better; however, the stats are still not reassuring. 10% of the servers scanned were found to be vulnerable to ‘high’ security risks, and 50% had a ‘medium’ security vulnerability.
Nick Galea, CEO at Acunetix, says: “These are worrying stats, showing businesses are failing in some basic web security areas. … it’s just like leaving your wallet or unlocked phone lying around in a public place. It’s more a question of how long it takes, rather than if at all, before you are compromised.”