Skip to main content

News: XSS turns 2019's most popular cyber-attack

Simon Roe, Product Manager Outpost24
Cross-site scripting or XSS is the most popular attack vector globally in 2019, accounting for 40 per cent of all cyber-attacks

Cross-site scripting, or XSS, grabs the dubious distinction of the most popular attack vector in 2019. This made up nearly 40 per cent of all attacks logged by security researchers, who also noted that almost 75 per cent of large companies across Europe and North America had been targeted over the last year. 

According to the research, SQL injection came second, followed by fuzzing. The researchers also found that 72.3 per cent of all cyber-attacks specifically targeted websites, with APIs coming in a very poor second at a mere 6.99 per cent. 

Simon Roe, product manager at Outpost24, said that the preference for targeting websites was highly likely to continue into 2020.

"Websites will continue to be hacked. Some of them will result in big hefty GDPR related fines. Many of these will likely be through third-party components. Magecart will continue to feature highly in the successful hacks that impact organisations financial data."

Despite the adoption of Shift left and Dev(Sec)Ops, web breaches will continue to be one of the largest reasons attacks are successful, he noted.  

"This will be especially true as organisations continue to developer applications quickly to meet ever changing market demands. Sadly, the OWASP top 10 is still fairly static in the top issues, and despite training and education available to help developers improve secure coding we will still see the same kinds of issues across many applications"

Read the full article by Simon Roe, product manager at Outpost24 here:

SC media outpost24 XSS turns 2019's most popular cyber-attack


Book a free demo

Looking for anything in particular?

Type your search word here