Mass Media Web-Portals Are the Most Vulnerable Targets for Hackers
Positive Technologies Company conducted an analysis of cyber-attack vulnerabilities for different types of websites, the results show mass media web portals to be the most vulnerable.
Approximately 500 websites were tested, including websites of banks, government agencies, industrial enterprises, and telecommunications companies.
The analysis revealed that the amount of high-risk vulnerabilities that put companies at risk of unauthorized interference has increased to 62% (in comparison with 45% value of 2012); the highest number of applications with critical vulnerabilities (80%) was attributed to mass media websites.
According to the programming language factor of the analysis, PHP tops the list of the most vulnerable languages: 76% of websites, created with the use of PHP contain critical vulnerabilities. Java (70%) and ASP.NET (55%) share the second place.
The company also created a rating list of various types of vulnerabilities. According to the list, Cross-Site Scripting is the most common threat (78%), allowing hackers to affect the content of the web page in the user's browser in order to obtain credentials (for example, by creating links referring the user to fake login form). Insufficient protection from ID or password attacks (Brute Force) holds the second place in the rating.