87% of Magento e-commerce websites at ‘high risk' from cyber criminals says new report

87% of Magento e-commerce websites at ‘high risk' from cyber criminals says new report

Posted 05 June, 2019 at 09:30

Author Mark Bradshaw on behalf of (ISW) Independent Shop Watch


Additional Images

New research has found 87% of SME websites using the Magento platform are currently at high risk from cyber attacks.

By contrast, under 10% of websites using other major e-commerce platforms surveyed register in the same high risk category.    

The research, from cyber security specialists Foregenix, analysed nearly 9 million websites worldwide, including over two million in Europe. 200,000 of sites surveyed worldwide use Magento (and companies using Magento 2 were also covered in the research).

The analysis carried out in April and May by Foregenix's Threat Intelligence Group using its website security solution, WebScan, further revealed the proportion of Magento websites at high risk has increased from just under 80% from research carried out in October last year.

Other findings show the percentage of SME sites using Magento being at high risk is lower in Europe compared to North America. Europe, which accounts for 48% of all websites surveyed, registered 28% of high risk Magento sites. By contrast North America accounts for 43% of global sites analysed, but registered 60% of high risk sites. 

With small differences, 1.4% of the total number of Magento sites globally are compromised and showing signs of payment card harvesting malware stealing their customer data. One exception to the trend is Europe where 0.63% of Magento sites were compromised.

Sites assigned as high risk generally miss critical security patches or have serious security vulnerabilities such as an exposed admin page. Many of these issues can be easily resolved.

A study by Hiscox in October found a cyber breach costs a small UK business on average £25,700 in ‘basic clear-up' costs. Indirect costs such as reputational damage and difficulty attracting new clients were unmeasured but the insurer believes these are even more costly.

Foregenix' chief commercial officer Benjamin Hosack comments: ‘Magento is a market leader for good reason. However, this leadership position also attracts the attention of criminals looking for easy targets, such as websites that have not kept their Magento software up to date or have basic security flaws like leaving their admin page unprotected. 

‘In the vast majority of cyber attacks victims are small local businesses which never thought they'd be a target for criminals and didn't realise when they were hacked. Their payment data can be leaked to criminals for months on end before they are notified by credit card companies.

‘Most breaches aren't a result of extremely clever cyber criminal techniques. They are simply the result of basic security issues that have been overlooked by the website owners and developers. A few basic precautions such as deploying software patches quickly can make a big difference to minimising risk, whichever platform is used.'

www.foregenix.com


Companies can check their websites risk for free, please visit: https://webscan.foregenix.com/

More from (ISW) Independent Shop Watch

SPAR continues to support Marie Curie having raised £1.5 million
Press Release

SPAR continues to support Marie Curie having raised £1.5 million

02 July 2020
Spar store in Caerleon sold to property developer through Christie & Co
Press Release

Spar store in Caerleon sold to property developer through Christie...

01 July 2020
A.F. Blakemore to Give Away £30,000 with Community Cashback Scheme
Press Release

A.F. Blakemore to Give Away £30,000 with Community Cashback Scheme

29 June 2020
Today is World Refrigeration Day and Pastorfrigor GB  helps celebrate it
Press Release

Today is World Refrigeration Day and Pastorfrigor GB helps celebra...

26 June 2020