CybersecuritySecurity NewswireCybersecurity NewsRetail/Restaurants/Convenience

New Data Predicts Unprecedented Levels of Holiday Hacking

cyber7-900px.jpg
November 21, 2019

A new report from Tala Security predicts unprecedented levels of online data theft this holiday season due to a lack of deployed client-side security measures.

The State of the Web Report highlights the widespread vulnerability resulting from integrations that enable and enhance website functionality. These integrations, which exist on nearly every modern website operating today, allow attackers to target PII and payment information. 98% of the Alexa 1000 websites were found to be lacking security measures capable of preventing attacks. In related warnings, both the FBI and the PCI Council cautioned that hackers are targeting online credit card information.

“Online merchants and website owners must recognize the critical need for client-side security. The fundamental driver of online commerce — consumer trust — is at stake as attackers target widespread client-side vulnerabilities to steal credentials, credit card numbers, financial data and other PII,” said Aanand Krishnan, Founder & CEO of Tala Security. 

Key findings from report include:

  • Only 2% of Alexa 1,000 sites have implemented effective controls to prevent personal, financial and credential theft.
  • User form data sent, captured on forms available on 98% of websites, is exposed to 10 times more domains than intended by the website owner. This creates a massive opportunity for data theft from attackers.
  • The average website relies on 31 third-party integrations, which provide nearly two-thirds of the content customers view on their browsers. This content is delivered via client-side connections that lack effective security controls. 
  • Most consumers will be surprised to learn that only one-third of the content rendering on their browser is owned, created and served by the owner of the website. The remaining two-thirds is served via client-side connections that lack effective security.
  • Although 27% of website owners attempt to deploy security measures, only 2% succeed in deploying effective policies capable of preventing client-side attacks.

Download the report here: https://go.talasecurity.io/state-of-the-web-report-2019

 

KEYWORDS: cyber security cybersecurity hacking PCI

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Related Articles

Related Products

See More ProductsSee More Products

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!