Majority of websites vulnerable to hacking, report says

Two-thirds of websites are leaving themselves vulnerable to a hacking attack, new research suggests.

A study by security firm Rapid7 found only 33 per cent of sites its researchers tested had no vulnerabilities, highlighting how important it is for firms to look at their online security.

While you might think bigger, better built websites would be less vulnerable to hacking, all organisations tested - businesses of all shapes and sizes - were found to have similar problems.

“This is almost certainly due to the fact that IT infrastructure pretty much everywhere is built using the same software and hardware components,” Rapid7 said.

“Thus, all networks tend to be vulnerable to the same common misconfigurations that have the same vulnerability profiles when patch management isn't firing at 100 per cent.”

The research also found that most companies have a lack of usable, reliable intrusion detection capabilities.

“This is especially concerning given that most assessments don't put a premium on stealth; due to constraints in time and scope, pentesters generate an enormous amount of malicious traffic,” the report noted.

“In an ideal network, these would be setting off alarm bells everywhere. Most engagements end with recommendations to implement some kind of incident detection and response, regardless of the specific techniques for compromise used.”

hSo provides managed networks designed for business. To get an instant cost for a leased line at your location, visit our online leased line price checker.