Major retailers in the EU and US at risk to web attacks

Studies show that companies such as Costco, Walmart and The Home Depot are more exposed to cyber attacks on the internet than their EU counterparts, according to a study by Outpost24.

In the year that the global pandemic began, resulting in a 30% increase in online shopping and exponential growth in cyber security threats to businesses, Outpost24 analyzed the area of web application attacks for 20 of the largest retailers in Europe and the US to assess their level of security based on the findings of the Retail and E-Commerce Web Application Security – 2020 report.

An average risk assessment based on the Outpost24 Scout interface recognition tool found that the web applications used by US retailers had a higher risk, with a combined average risk assessment of 35 out of a maximum of 42,33, and thus higher than their EU counterparts (31 ).

According to the report, US retailers on average have more open web applications (3357), while European retailers have less (2799). However, despite a lower vulnerability, EU retailers have a higher proportion of applications using older components with vulnerabilities (27%) compared to their US competitors (22%). However, all retailers carry security risks in their web environment that may expose them and their customers’ data to potential exploitation and compromise.

Nicolas Renard, security analyst at Outpost24, comment: Hackers are masters of intelligence, and they will do their utmost to identify vulnerabilities in their target. The relatively high level of risk at large retailers is an alarming trend, as large areas of attack offer more opportunities for attackers to find gaps in their defenses and take advantage of potential benefits.

The list of retailers was selected based on Deloitte’s Global Retail Opportunities 2019 report and their public Web security environments were analyzed using the seven most common attack vectors used by hackers to determine the level of risk, including security mechanisms, page creation methods, distribution, authentication, input vectors, active content and cookies (scores from 1 to 100).

The security mechanisms have been the main attack vector for European and American retailers, with a risk level of 90.5 and 99 points respectively. For retailers who use HTTP sites and do not restrict access to opponents who try to penetrate unsecured parts of the site without encryption, this will contribute to a better score in the area of attack. Active Content, which looked at web applications running on scripts, came in second, with American and European retailers scoring 88 points or more. The third most important is the level of distribution, with all retailers scoring more than 77.9 points, due to the large number of product pages usually found on large e-commerce sites, which makes it difficult to secure everything.

Related Tags:

cyber warfare examples,cyber warfare pdf,cyber warfare ppt,cyber warfare upsc,top 10 cyber power countries,cyber warfare 2020,list of apt groups,advanced persistent threat examples,apt35,advanced persistent threat solutions,apt34,apt 30