New research has found 87 per cent of SME websites using the Magento platform are currently at high risk from cyber attacks.
By contrast, under 10 per cent of websites using other major e-commerce platforms surveyed register in the same high-risk category.
The research, from cybersecurity firm Foregenix, analysed nearly 9 million websites worldwide, including over 25,000 across Africa. 200,000 of sites surveyed worldwide use Magento.
The analysis carried out in April and May by Foregenix’s Threat Intelligence Group using its website security solution, WebScan, further revealed the proportion of Magento websites at high risk has increased from just under 80% from research carried out in October last year.
A study by IT services and consulting firm Serianu in April 2018 found African businesses losses from cybercrime are US$3.5bn, up from US$2bn in 2017. It also discovered Nigeria was hardest hit, followed by Kenya and Tanzania. More than 95 per cent of public and private organisations across the continent spent less than US$1,500 a year on cybersecurity measures, with SMEs in particular failing to invest according to the report.
The chief commercial officer Benjamin Hosack of Foregenix, which opened its Johannesburg regional hub in 2012 and operates across Africa comments: ‘Magento is a market leader for good reason. However, this leadership position also attracts the attention of criminals looking for easy targets, such as websites that have not kept their Magento software up to date or have basic security flaws like leaving their admin page unprotected.
‘In the vast majority of cyber attacks, victims are small local businesses which never thought they’d be a target for criminals and didn’t realise when they were hacked. Their payment data can be leaked to criminals for months on end before they are notified by credit card companies.
‘Most breaches aren’t a result of extremely clever cyber criminal techniques. They are simply the result of basic security issues that have been overlooked by the website owners and developers. A few basic precautions such as deploying software patches quickly can make a big difference to minimising risk, whichever platform is used.’