Page 6 - AeM_Nov_2018
P. 6
RESEARCH, ANALYSIS & TRENDS
Foregenix CEO Andrew Henwood announcing his research at the PCI SSC European Community Meeting in London.
Asian Magento websites at high risk from
hackers due to simple security oversight
According to the latest security web scans and analysis Foregenix has identified the absence of critical security
performed on 7,800 Asian Magento websites, carried out patches and significant vulnerabilities for Asian SMEs,
by Foregenix, 78% are at high risk from hackers due to whereby the cybersecurity expert, CEO Andrew
simple security oversight. That’s an incredible number, Henwood said: ‘While the figures for Asia are of great
considering that we are talking about the most popular e- concern, they are roughly in line with our findings for
commerce platform globally. At least the figures fell many other regions such as Europe and North
sharply to around 40% for Magento 2 websites. America. The issues highlighted are therefore a truly
global problem, which threatens to undermine
The global survey- which analyzed over 170,000 confidence in e-commerce, especially in markets
websites in total - also reveals that 1.5% of these sites leading the way in online sales. Repercussions as a
(2,548) are infected with malware. Out of these infected result of compromises are heavy penalties by card
sites, 1,591 were compromised by credit / debit card providers and these put many smaller traders at risk.
stealing malware which is actively harvesting their
customers' data for subsequent sale and / or fraud. Magento and other e-commerce platforms release
regular software updates in response to vulnerabilities.
A further 2.3% of all websites are vulnerable to Magento These security patches, if not used, can leave websites
Shoplift, a vulnerability which was disclosed and patches highly vulnerable to hacking and loss of sensitive data,
made available in January 2015. This allows hackers to Foregenix highlights.
completely administer the website remotely, steal
sensitive data and even order items for free through a The fact is, that online businesses often assume web
single exploit command which is publicly available. developers, agencies and hosting providers take care
of security concerns. However, design agencies are
Foregenix, renowned globally for its work on payment great at producing beautiful, transactional websites that
security, has an active threat intelligence team sell their goods, but their expertise on security issues
researching and analyzing attack trends, with a strong generally isn't as well developed. Agencies and their
focus on the e-commerce sector. clients need to be aware of e-commerce security flaws,
as even a single breach can be devastating for a small
The research has been presented for the first time at the business.
European Community Meeting of the Payment Card
Industry Security Standards Council in London.
6 November 2018 - Email Marketing & E-Commerce