Recently, the cybersecurity experts at Foregenix have unveiled that of 4,500 Australian and New Zealand Magento websites scanned and analyzed, over 78% are found highly vulnerable to hackers.
According to Foregenix, the lack of necessary security patches can be a favorable condition for the hackers to commit cybercrime.
The experts have conducted a survey on Sydney’s Magento marketplaces and discovered that 90% of the websites using Magento 1 were at risk. Meanwhile, the figure for Magento 2 websites is a lot lower (around 35%).
Also, according to the global analysis carried out over 170,000 Magento websites, 2,548 websites are identified to be attacked by malware and 1,591 suffer from credit/debit card stealing malware which collects customer’s data for subsequent sale or fraud.
Another finding is 2.3 of all websites are found susceptible to Magento Shoplift. It is a vulnerability which enables hackers to access administration pages on the website remotely, harvest customer data and orders by using a publicly available command.
Cybercrime- a highlighted concerning issue for ecommerce businesses.
The Foregenix’s CEO, Andrew Henwood said: ‘The issues highlighted are a truly global problem, which threatens to undermine confidence in e-commerce, especially in markets leading the way in online sales such as Australia and New Zealand.”.
He also added that the issues can bring in serious consequences especially for small traders as they might be penalized heavily by card providers.
How can the issues be resolved?
To cope with security vulnerabilities, Magento has regularly rolled out software updates for users. “These security patches, if not used, can leave websites highly vulnerable to hacking and loss of sensitive data.” Andrew said.
Web developers, agencies and hosting providers can help you in creating an attractive and transactional website, however, they may not have profound expertise on security issues. Therefore, it is important that you need to pay careful attention to your own website’s security issues to detect and handle a breach timely before it turns out to be disastrous.
As Andrew suggested, to mitigate the risk from cyber criminals, merchants should regularly update security patches, change the default settings on the admin interface, and use stronger passwords to prevent unauthenticated logins. Since risk can’t be completely resolved, merchants may think of partnering up with a cybersecurity specialist organization to ensure better security protection for their sites.