Home News Web Application Threat! U.S. Retailers More Vulnerable than European Counterparts

Web Application Threat! U.S. Retailers More Vulnerable than European Counterparts

November 11, 2020

Outpost24, an innovator in identifying and managing cybersecurity exposure, stated that online sales surged by 30% globally in the wake of the pandemic, which also attracted various targeted cyberattacks. In its latest survey, “2020 Web Application Security for Retail & Ecommerce Report,” Outpost24 highlighted the web application security analysis for the top 20 retailers in the U.S. and EU. The research revealed that U.S. retailers have a larger attack surface with an average risk exposure score of 35.1 (out of 42.33) vs. an average score of 30.8 for EU retailers.

“With web applications accounting for 43% of data breaches in 2019, this research brings this to the top of the boardroom agenda in 2020 and digs deeper into the overall retail attack surface – taking a magnifying glass and critical view into the potential risks of the web applications that we all know and shop with regularly,” the report stated.

Key Findings:

U.S. retailers run 3,357 web applications over 401 domains, with 8% of them considered as suspect and 22% of them running on old components containing known vulnerabilities

EU retailers run 2,799 applications over 509 domains, with 4% considered as suspect and 27% of them are running on old components containing known vulnerabilities

Security mechanisms (95); active content (93.3) and degree of distribution (81.5) are the average top three attack vectors identified across U.S. and EU retailers

90% of the top 10 EU retailers are running outdated jQuery vs 50% for U.S. retail

U.S. retailers more up to date than EU retailers in the use of modern application technologies, however with new technology adoption they are twice more likely than their EU counterparts in running shadow IT which creates more potential risks for U.S. retailers

The research also found retailers using outdated servers to run their applications from Amazon S3 to older versions of the Apache Server. Outpost24 recommended retailers to ensure their servers are updated with the latest upgrade and close down servers that are no longer in use to prevent web servers from various attack vectors.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Web Application Threat! U.S. Retailers More Vulnerable than European Counterparts

Key Findings:

EVEN MORE NEWS

The Annual Cyber Security In Financial Services Summit 2024

AI in Cyber Online

Saudi Global CISO Summit

POPULAR CATEGORY

The Annual Cyber Security In Financial Services Summit 2024

Key Findings:

EVEN MORE NEWS

POPULAR CATEGORY

We Care