A quarter of all cyber attacks in the UK last year were aimed at the web application layer, with technology companies most at risk, according to managed security services provider NTT Com Security.
The firm, formerly known as Integralis, analysed data from its security operations centres (SOCs) across Europe to reveal that most web app attacks came in the form of cross-site scripting (XSS) and SQL injection attacks.
Other popular drivers for web app attacks included data exposure and reconnaissance to gather info about system vulnerabilities.
NTT Com Security’s global director of security strategy, Garry Sidaway, told Infosecurity that a greater focus on developing secure coding standards and education and training programs for app developers is a must.
“Without exception when we talk to business about applications, their first statement is that most of the applications were developed years ago and ‘we don’t touch them’,” he added.
“The second most common comment is that ‘we test and have development life cycles, but there is huge pressure to get applications into production quickly’.”
He argued that regular testing and assessment of applications is necessary, “built into a clear and well defined process of development and deployment”.
“My other advice would be to simplify your architecture and gain visibility of your applications and understand exactly what they are doing and how they are being used,” he added. “Visibility and simplification of your infrastructure and applications will enable you to secure them.”
Security monitoring can also help, said Sidaway.
"Intrusion detection combined with active log (SIEM) monitoring can detect attacks against web applications.But most importantly it can detect if the attackers are trying to break further into the infrastructure," he claimed.
The research also found that the technology industry was the most vulnerable in the UK, accounting for a third of all attacks. Next came transportation (14%), manufacturing (13%) and healthcare (13%).
The majority of UK malware attacks (59%) and botnet activity (48%) was also directed at the technology industry.
“Technology companies in the UK are typically at the forefront of change within their global organizations leading to an increase in threats and attacks,” said Sidaway.
“This sector typically has services and provides technologies that cross multiple sectors, making it a prime target.”