Security web scans and analysis on over 80,000 European Magento websites reveal 80% are at risk from cyber criminals, according to leading global cybersecurity experts. The latest survey carried out by Forgenix in October identifies the most significant vulnerability for European SME’s is hackers looking to exploit the absence of critical security patches.
Global cybersecurity experts Forgenix found almost 90% of websites using Magento 1 were at risk, however, the figures fell sharply to under 40% for Magento 2 websites. The global analysis also reveals that 1.5% of these sites (2,548) are infected with malware. Out of these infected sites, 1,591 were compromised by credit/debit card stealing malware which is actively harvesting their customers’ sensitive data for subsequent sale and/or fraud.
A further 2.35 of all websites are vulnerable to Magento Shoplift, a vulnerability which was disclosed, and patches made available in January 2015. This reportedly allows hackers to completely administer the website remotely, steal sensitive data and even order items for free through a single exploit command, which is publicly available.
“While the figures for Europe are of great concern, they are roughly in line with our findings for many other regions such as North America,” said Andrew Henwood, Foregenix’s CEO. “The issues highlighted are a truly global problem, which threatens to undermine confidence in e-commerce platforms release regular software updates in response to vulnerabilities.”
“Simple precautions can make a real difference to reducing a company’s risk from criminals such as regularly patching, changing default settings on the administration interface and using stronger passwords with multi-factor authentication. Risk can never be entirely eliminated, so companies should also consider investing in a partnership with a cybersecurity specialist organisation and cyber insurance policy.”