Most websites can be "easily hacked"

New research finds that websites contain flaws that allow hackers to access and attack systems.

Most websites have vulnerabilities that could allow hackers to access systems or to launch Denial of Service (DoS) attacks, according to new findings.

The research carried out by security consultants NTA Monitor, found that 90 per cent of organisations' websites contain at least one or more flaws that could allow external users to gain unauthorised system access or disrupt service availability. A further 33 per cent of websites were found to have widely known critical vulnerabilities that are actively exploited by hackers.

The company's Web Application Security Report 2007 found that attackers focusing on web application security problems are actively developing tools and techniques for exploiting them.

Roy Hills, technical director at NTA Monitor said that with an increasing number of people using the internet for banking, shopping and bill payments it was "high time that organisations took greater steps towards protecting these revenue generating and efficiency enabling systems."

Hills recommended that organisations reduce the risk of having their website hacked by having an account lockout mechanism in place to put stops on accounts permanently or temporarily, as this would help prevent attackers from being able to use brute force to access user accounts.

He also said that meta characters such as single quotes, double quotes and semi colons should be avoided in order to minimise the threat of SQL injection attacks which, he said, were "a high risk vulnerability".

The advice comes a day after security company Zone-H found that 20,365 websites had been accessed and defaced by one hacker in 24 hours. The Turkish hacker, known as aLpTurkTegin, managed to access and deface the sites, including one for popular TV series Battlestar Galactica.

Featured Resources

BCDR buyer's guide for MSPs

How to choose a business continuity and disaster recovery solution

Download now

The definitive guide to IT security

Protecting your MSP and your customers

Download now

Cost of a data breach report 2020

Find out what factors help mitigate breach costs

Download now

The complete guide to changing your phone system provider

Optimise your phone system for better business results

Download now

Recommended

Data breach exposes widespread fake reviews on Amazon
data breaches

Data breach exposes widespread fake reviews on Amazon

7 May 2021
TsuNAME vulnerability could enable DDoS attacks on major DNS servers
distributed denial of service (DDOS)

TsuNAME vulnerability could enable DDoS attacks on major DNS servers

7 May 2021
What are SSH keys?
cyber security

What are SSH keys?

7 May 2021
Google’s about to push everyone into two-factor authentication
Security

Google’s about to push everyone into two-factor authentication

6 May 2021

Most Popular

KPMG offers staff 'four-day fortnight' in hybrid work plans
flexible working

KPMG offers staff 'four-day fortnight' in hybrid work plans

6 May 2021
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

29 Apr 2021
How to move Windows 10 from your old hard drive to SSD
operating systems

How to move Windows 10 from your old hard drive to SSD

30 Apr 2021