News

Majority of retail and finance software is vulnerable to attack

Sean McGrath

Up to 70% of retail and 69% of finance applications are susceptible to cyber-attacks, according to new research published today.

Cast, a software analysis firm, examined 705 million lines of code used by 1316 enterprise applications and found that retail and financial service solutions were most vulnerable to attack.

“So long as organisations overlook the impact software quality can have on security, we can expect to see more high-profile attacks leading to the exposure and exploitation of sensitive customer data,” said Lev Lesokhin, executive vice president of Cast.

“Businesses handling customer financial information have a responsibility to improve software quality and reduce the operational risk of their applications - not only to protect their businesses, but ultimately their customers,” he added.

The researchers were specifically looking for input validation violations, the bug behind Heartbleed. The missing bounds check in the implementation of the TLS heartbeat extension was behind 80% of all attacks against retail applications last year.

Given the amount of personal data housed in retail and finance applications, it will come as a surprise to many that they also appear to be among some of the most vulnerable.

The report comes at the same time as Sony and Microsoft’s gaming networks came under attack.


Join the conversation Comment

Share
Comments

    Results

    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.