Failure to update patches still Achilles’ Heel of cyber security


Simple oversights still continue to undermine even the most stringent cyber security measures, according to Andrew Henwood, CEO of leading Wiltshire-based consultancy Foregenix.

Speaking on Wednesday at the Mastercard MEA Innovation Forum in Barcelona, Henwood said popular perceptions of hacking as a ‘slick, complex world of complex attackers using undetectable, zero-day attacks against large corporations’ are not the norm. The reality, he stressed, is ‘focussed and organised criminal groups exploiting very old vulnerabilities against smaller companies and merchants'.

The Foregenix CEO, who demonstrated a live hack to highlight ecommerce website vulnerability, also added that it’s never been easier for cyber criminals to identify vulnerabilities on websites, en masse, which can then easily be exploited for financial gain.

Speaking on a bill, which featured keynote talks from Steve Wozniak and Skype founder Jonas Kjellberg, Henwood said the failure to carry out the most basic cyber security activities such as regular patching continues to be the major security issue leaving website platforms, frameworks and plugins exposed to hackers and ridiculously easy to compromise.

Henwood concluded:

‘Most of the websites being breached never gain media attention. Smaller business are being decimated by hackers every day and most of these breaches are avoidable. Simple and routine digital hygiene, such as keeping your website platforms and pluginsupdated, is essential.’

Foregenix is offering a free webscan to any business or organisation which are concerned about the vulnerability of their website is to hackers.