Company websites more open to hackers – study
IP Converge Data Services Inc., a subsidiary of ePLDT Inc. is urging companies to beef up their web security as a result of a 2017 study by cloud-based web application platform Imperva Incapsula that showed a whopping 212 percent increase in web vulnerabilities.
According to the research, a total of 75 percent of these vulnerabilities are 14,082 web vulnerabilities have been attributed to third-party vendor plugins. recorded last year which is more than Valmonte noted that when successfully twice as much as the 6,615 recorded in 2016. The research further revealed that to edit, remove, and even post content on a more than half of these vulnerabilities website. The damage may range from alterhave a public exploit available to hackers while more than a third or 36 percent do not have an available solution such as a software upgrade workaround or software patch.
“Websites are common targets because they can generate a substantial amount of money for cybercriminals. For instance, an e-commerce website would normally store personal information. In the wrong hands, we already know the kind of risk we can get exposed to. Also, criminals can hold websites up for ransom from company owners,” IPC director for marketing and digital innovationNiño Valmonte said in a statement.
Ransomware, the method of putting up a website for ransom is a global phenomenon that is predicted to exceed $11.5 billion annually by 2019. The most common form of payment sought from victims in order to get their websites back is the popular cryptocurrency Bitcoin.
The study further revealed an equally alarming increase in the number of vulnerabilities in Content Management Systems (CMS), a tool used to create and manage content posted on a website. WordPress, one of the most commonly used CMS today, posted a 400 percent increase in new vulnerabilities since 2016. ing text to even changing the visual appearance of the entire website, a tactic commonly known as defacement. Criminals can also extract sensitive information stored inside a website through the CMS.
“These findings should serve as a wake-up call for organizations to put up stronger web security protocols. CMS because this is only the tip of the iceberg. CMS attacks also pose risks to personal
To protect one’s website, IPC recommends deploying security measures such as applying a Web Application Firewall Business websites are now more vulnerable to cybercriminals (WAF) that can monitor and control in
As a leading DDoS [distributed denial of service] mitigation service provider, IPC provides subscription-based WAF service through its IPC InCAST (In-Country Attack Scrubbing Tactics) services, a cloudbased Web Application Firewall proxy solution that is supported by the country’s feature local data scrubbing.
WAF can detect and block any malicious data, thereby stopping an attack from hap