Kaspersky report: 42% of cyberattacks target public-facing apps

According to Kaspersky's latest Incident Response report for 2023, compromising public-facing applications remains the most common method employed in cyberattacks. These applications, which are accessible to external users over the internet, were found to be a primary vector in 42.37% of cyberattack cases. A significant portion of these attacks exploited known vulnerabilities, with over half of these vulnerabilities identified in 2021 and 2022.

The report sheds light on the cybersecurity risks associated with public-facing applications, which include e-commerce platforms, customer portals, social media networks, and online banking systems. Unlike internal-facing applications, which are typically confined to an organization's internal network and used primarily by employees, public-facing applications are designed for accessibility to anyone with an internet connection. This inherent accessibility makes them prime targets for cybercriminals.

Public-facing applications play a crucial role in facilitating interactions between businesses, customers, and stakeholders. They act as digital storefronts, providing essential services and information to users worldwide. However, their exposure to the internet also makes them vulnerable to a variety of cyber threats. The report from Kaspersky highlights several key dangers associated with public-facing applications:

Data Breaches:

These applications often store sensitive information, including customer data, payment details, and intellectual property. Successful attacks can lead to data breaches, exposing confidential information and potentially causing significant financial losses.

Malware Infections:

Cybercriminals may inject malware into public-facing applications to compromise user devices or steal sensitive information. Malware hidden within web pages can infect user devices upon access, facilitating unauthorised data access or financial fraud.

Phishing Attacks:

Public-facing applications are frequent targets for phishing attacks. These attacks aim to deceive users into revealing sensitive information such as login credentials or financial details. They can exploit vulnerabilities in the applications through various means, including email, fake websites, and social media links.

DDoS Attacks:

By launching Distributed Denial of Service (DDoS) attacks, cybercriminals flood an application's servers with traffic, overwhelming its infrastructure and rendering the service unavailable for legitimate users. This can cause substantial downtime and financial repercussions for organisations.

SQL Injection and Cross-Site Scripting (XSS):

Cybercriminals exploit vulnerabilities such as SQL injection and cross-site scripting to manipulate or steal data from public-facing applications. These attacks target the underlying code of web applications, allowing attackers to execute arbitrary commands or inject malicious scripts into web pages.

Kaspersky's report emphasises the importance of addressing these cybersecurity risks and implementing proactive security measures to enhance organisational resilience against cyber threats. Businesses must be vigilant in safeguarding their digital assets and reputations in today's interconnected world.

Konstantin Sapronov, Head of Kaspersky's Global Emergency Response Team, commented, "As organisations increasingly rely on public-facing applications to drive digital engagement, the cybersecurity risks associated with these platforms have never been higher. Incidents such as data breaches and malware infections can have devastating consequences for businesses and their customers. At Kaspersky, we understand the importance of swift and effective responses to cyber incidents and offer specialised Incident Response services to help organisations detect, respond to, and recover from cyber threats. With this support, businesses can strengthen their cybersecurity posture and protect their digital assets with confidence."