Cybersecurity Under the Spotlight: Beware of Risks Hiding Behind Public Applications

latest Kaspersky Incident Response Report 2023Compromising public applications remained the most common method of cyberattack, and one-third of those applications had known vulnerabilities, according to . He was attacked via ±. It was noteworthy that more than half of these vulnerabilities were discovered in 2021 and 2022. The first vector detected was found in 42.37% of the cases.

Following these alarming developments, Kaspersky listed the findings that institutions should be aware of regarding the cyber security risks of public applications as follows:

Understanding public applications

Public applications include software applications and services that can be accessed by users on the Internet. Unlike internal applications, which are typically used by employees within an organization’s network, public applications are designed to be accessible by anyone with an internet connection. These applications serve various purposes such as e-commerce platforms, customer portals, social media networks and online banking systems.

Cyber ​​security risks

Given their critical role in digital business operations, public-facing applications are often tightly targeted by cybercriminals due to their exposure to the Internet. ±rlar. Some of the cybersecurity dangers associated with public applications include:

• Data breaches:Â Public-facing applications often store sensitive information such as customer data, payment details and intellectual property. A successful cyber attack on these applications could lead to data breaches, exposing confidential information and resulting in financial losses.
• Malware infections:Â Cyber ​​criminals can inject malware into public applications to compromise users’ devices or steal sensitive information. Malicious codes hidden in web pages can infect users’ devices, leading to unauthorized access to data or financial fraud.
• Phishing attacks:Â Public-facing applications are phishing, where cybercriminals attempt to trick users into revealing sensitive information such as login credentials or financial details. They are prime targets for attacks. Phishing attacks carried out via email, fake websites or social media links are made public to deceive unsuspecting users. It can exploit security vulnerabilities in popular applications.
• DDoS attacks:Â Cybercriminals can launch DDoS attacks against public applications to disrupt their availability and prevent service to legitimate users. DDoS attacks can render the application’s servers unusable with heavy traffic, disrupting infrastructure and causing downtime and financial losses for organizations.
• SQL injection and cross-site scripting (XSS):Â Vulnerabilities such as SQL injection and cross-site scripting can be used by cybercriminals to manipulate or steal data from public-facing applications. These attacks target the underlying code of web applications, allowing attackers to execute arbitrary commands or inject malicious scripts into web pages.

By understanding the cybersecurity risks associated with public-facing applications and implementing proactive security measures, organizations can increase their resilience to cyber threats and improve their Digital assets in the world of Ili They can protect their reputation and reputation.

Head of Kaspersky Global Emergency Response Team Konstantin Sapronovshared the following information on the subject: “As organizations increasingly rely on public applications to increase digital interaction, the cybersecurity risks associated with these platforms are rising accordingly. Incidents such as data breaches and malware infections can have devastating consequences for businesses and their customers. At Kaspersky, we understand the importance of responding quickly and effectively to cyber incidents and are working to help organizations detect, respond to and recover from cyber threats. We offer specialized Incident Response services. Thanks to this support we provide, businesses can strengthen their cyber security posture and secure their digital assets.â€