Security scans performed on 218,000 Magento websites - the most popular e-commerce platform - revealed 86 per cent are missing critical security patches.
The survey carried out last month by cyber security consultancy Foregenix focused on small and medium-sized company websites globally, including around 15,000 in the UK, found 2 per cent of the websites analysed were compromised and currently being harvested for their customers’ data.
Benjamin Hosack, co-founder and chief commercial officer of Foregenix, said the rise in cybercrime threatens to undermine confidence in e-commerce - especially in markets leading the way in online sales such as the US and UK - while heavy penalties by card providers put many smaller traders at risk.”
He explained that Magento and other e-commerce platforms release regular software updates in response to vulnerabilities, but if not used, websites can be highly vulnerable to hacking.
“Online businesses often assume web developers and agencies take care of security,” continued Hosack. “Design agencies are great at producing beautiful, transactional websites that sell, but their expertise on security issues generally isn't as well developed.”
Research this week from Juniper predicted that 12 billion personal records are expected to be stolen by cyber criminals in 2018, rising to more than 33 billion in 2023. Despite this, the consultancy forecast that cyber security spend will only increase by an average of nine per cent per company per annum.
However, analysis from the Business Continuity Institute and SavoyStewart found that firms in retail and wholesale spent an average of £2,940 on cyber security in 2017/18 – a rise of 21 per cent on the previous year.
Recent Stories