Web Security Report – 26% eCommerce Sites Have Loopholes

TMO Group

Few days ago,one of the biggest internet security companies in China, 360 reported that web security issues have already affected our daily lives, which should be solved urgently. Take eCommerce industry alone, nearly 26% of eCommerce websites have high-risk loopholes. It is estimated that the situation will get worse by 2015.

The number of website backdoor is rising sharply

A backdoor in a computer system (or cryptosystem or algorithm) is a method of bypassing normal authentication, securing unauthorized remote access to a computer, obtaining access to plaintext, and so on, while attempting to remain undetected. The backdoor may take the form of an installed program (e.g., Back Orifice) or may subvert the system through a rootkit.

According to the report, the number of high-risk loophole decreased. But the number of website backdoor is rising sharply. Throughout 2014, there were 8409 servers seized tested by 360 which cover 1.996 million websites, and 3465 of them had backdoors. It increased 7.4% than 2013.

The security of eCommerce websites are the worst

In 2014, 360 website safety testing platform scanned 1.642 million website and 37.6% of them had loopholes, 17% of them had high-risk loopholes.

website loopholes

The report said that 26% of loopholes came from eCommerce website. Second are information websites, which made up 24% of them. Then came the medical website (22%) and company website (21%). Bank website is relativity high security.

From the perspective of the time for loophole fixing, it took 97 days for Movie and Gov site to fix loopholes on average. Others were less than two months.

4 of top 10 cyber security issues happened in China

The report also summed up top 10 cyber security issues in 2014, which included “OpenSSL Heartbleed bug”, “eBay data leakages”, “Sony was attacked by hackers” and so on. It is known that 4 of them happened in China. They are “121 China internet DNS disaster”, “Ctrip loophole events”, “Express delivery information leakages” and “12306 user data leakages”.

360 did some research aiming at these attacks. They found that 91.4% of attacks came from within China and 32.9% of them came from Beijing.

TMO Group is a web development company in China. We mainly work in eCommerce website development. More details about our services, please leave a message in our website.

Leave a Comment