Hollywood has painted the world of hacking as a slick, complex, world of nation state attackers using undetectable, 0-day attacks against large corporate organisations. Whilst sometimes that's exactly the case, most of the time it's not like that at all. We’re seeing focused and organised criminal groups performing exploits of often very old vulnerabilities against smaller companies and merchants. Most of the entities being breached never gain media attention and small/medium sized businesses are being decimated by hackers every day.
The problem is; most of these breaches are avoidable. Regular patching and updates to Internet exposed websites would dramatically reduce the likelihood of being hacked. Yet our research confirms the bulk of ecommerce merchants are not doing this!
If you've followed our blog for a while, most of this won't come as a surprise to you, however, actions speak louder than words. Is there a better way of demonstrating how vulnerable out of date software is than showing you ourselves?
To highlight the problem we are going to be conducting a live hack at the Mastercard MEA Innovation Forum in Barcelona. During this event Our CEO, Andrew Henwood, will be showcasing an exploit that affects older versions of the Magento framework. Although an old exploit, we’re still identifying and investigating hundreds of ecommerce merchants who are still not patched.
The audience will be over 300 strong, with many being fellow industry leaders, speakers, and panelists, including Steve Wozniak (The Woz, Apple co-founder) and Jonas Kjellberg (Skype founder). Alongside the live hack will be a Q&A session with other Mastercard cyber experts - as part of a 45 minute session titled 'Rethinking Risk for a Connected World'.
Steve Wozniak (Apple co-founder) Jonas Kjellberg (Skype founder)
If you're concerned about your websites security, why not try our free scanner? It's simple to use, with no downloads required and it could save your business a lot of time, money and effort.
We've put together a short preview of the live hack that you can view below: