US retail apps more exposed than EU counterparts

The web applications used by US retailers are more risky than those of EU firms, despite being more modern.

This is according to cyber analyst Output24, whose recent report found US retailers were running more publicly exposed web applications (3,357) compared with EU retailers, which ran fewer just 2,799.

Despite having a smaller attack surface, EU retailers had a higher percentage of applications using old components that contained vulnerabilities (27%) as opposed to their American rivals (22%).

The threat was judged against the following attack vectors: security mechanisms, page creations methods, degree of distribution, authentication, input vectors, active contents and cookies.

Stephane Konarkowski, security analyst at Outpost24, said: “How the web application is built and developed is a key risk indicator if you know where to look. Our research shows the complexity of modern-day applications and the need for retail organisations to understand their attack surface and risk levels. To avoid data breach and the loss of customer trust and revenue, retailers must address security hygiene as an essential step to protect their web applications and ensure the attack surface is kept at a minimum through continuous assessment.”

    Share Story:

Recent Stories

Cyber physical risks
Property damage as a consequence of cyber attack is often excluded from standard property policies, but as the industrial internet of things expands, so too do the risks. This podcast examines the evolving threat landscape. Published October 2021

Financial institutions were early adopters of cyber security and insurance. Are they still on top of the game?
Managing huge amounts of sensitive data online makes financial institutions a prime target for hackers. As such, the sector was an early cohort for insurers in creating cyber cover. Since then, the market has evolved almost beyond recognition. It continues to challenge itself to this day, complying with rigorous regulatory demands and implementing avant-garde enhancements to keep abreast of the ever-changing risks. Published June 2021