{"id":40122,"date":"2019-12-23T11:45:06","date_gmt":"2019-12-23T11:45:06","guid":{"rendered":"http:\/\/icloud.pe\/blog\/?guid=3fd9bda79cef19452fc80420402810ab"},"modified":"2019-12-23T11:45:06","modified_gmt":"2019-12-23T11:45:06","slug":"xss-the-most-widely-used-attack-method-of-2019","status":"publish","type":"post","link":"https:\/\/icloud.pe\/blog\/xss-the-most-widely-used-attack-method-of-2019\/","title":{"rendered":"XSS the most widely-used attack method of 2019"},"content":{"rendered":"


\n Keumars Afifi-Sabet<\/a><\/span>
\n <\/span><\/p>\n

\n
\n
23 Dec, 2019<\/span><\/div>\n<\/p><\/div>\n<\/div>\n

\n<\/a><\/p>\n

\n

\u200b<\/span>The most widely-used cyber attack method used\u00a0to breach large companies in 2019 was\u00a0cross-site scripting (XSS)<\/a>, according to research.\u00a0<\/p>\n

The hacking technique, in which cyber criminals inject malicious scripts into trusted websites, was used in 39% of cyber incidents this year.<\/p>\n

This was followed by\u00a0SQL injection<\/a> and Fuzzing, which were used in\u00a014% and 8% of incidents respectively. Among other widely-used methods are information gathering, and business logic, although both were used in less than 7% of incidents.<\/p>\n

With 75% of large companies targeted\u00a0over the last 12 months, the report\u00a0by Precise Security also revealed\u00a0the key motivation behind\u00a0cyber crime has been the opportunity for hackers to learn.<\/p>\n

Almost 60% of hackers conducted cyber attacks in 2019 due to the fact it presents a challenge. Other prominent reasons for hacking a company\u2019s systems include to test the security team\u2019s responsiveness, and to win the minimum bug bounty offered<\/a>. \u2018Recognition\u2019 ranked sixth in the list of motivations, and was cited by just 25% of hackers. Bizarrely,\u00a040% also said that they preferred to target companies\u00a0that they liked.<\/p>\n

Digging into industry-specific insights, additional research published this month also\u00a0revealed the most prominent attack method faced by sectors within the UK economy.<\/p>\n

The most prevalent hacking technique in the business, finance and legal sectors, for example, was macro\u00a0malware<\/a>\u00a0embedded into documents, according to statistics compiled by Specops Software.\u00a0<\/p>\n

Retail and hospitality firms, meanwhile, suffered mostly from burrowing malware, present in 51% of attacks, as did governmental organisations, registering 37% of incidents.<\/p>\n

The healthcare industry was susceptible mostly to man-in-the-middle attacks, in which communications between two computer systems are intercepted by a third-party.\u00a0<\/p>\n

Distributed denial of service (DDoS) attacks were the most common form of attack faced by the technical services industry, with 58% of incidents using this method.<\/p>\n

As for how these attacks are conducted specifically, the Precise Security report showed that 72% of platforms used as a springboard for cyber crime are websites. WordPress, for example, is a prime target due to the massive userbase<\/a>, with 90% of hacked CMS sites in 2018, for instance, powered by the blogging platform.<\/p>\n

Application programme interfaces (APIs)<\/a> were the second-most targeted platforms in 2019, being at the heart of 6.8% of incidents, with statistics showing Android smartphones are usually involved in such attacks. <\/p>\n<\/p><\/div>\n","protected":false},"excerpt":{"rendered":"

Keumars Afifi-Sabet<\/p>\n

23 Dec, 2019 <\/p>\n

\u200bThe most widely-used cyber attack method used\u00a0to breach large companies in 2019 was\u00a0cross-site scripting (XSS), according to research.\u00a0
\nThe hacking technique, in which cyber criminals in…<\/p>\n","protected":false},"author":433,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[],"tags":[],"class_list":["post-40122","post","type-post","status-publish","format-standard","hentry"],"_links":{"self":[{"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/posts\/40122","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/users\/433"}],"replies":[{"embeddable":true,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/comments?post=40122"}],"version-history":[{"count":1,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/posts\/40122\/revisions"}],"predecessor-version":[{"id":40123,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/posts\/40122\/revisions\/40123"}],"wp:attachment":[{"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/media?parent=40122"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/categories?post=40122"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/tags?post=40122"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}