An international team of researchers has developed a scanning tool to make websites less vulnerable to hacking and cyberattacks. The black box security assessment prototype, tested by engineers in Australia, Pakistan and the UAE, is more effective than existing web scanners which collectively fail to detect the top 10 weaknesses in web applications.
UniSA mechanical and systems engineer Dr Yousef Amer is one of the co-authors of a new international paper that describes the development of the tool in the wake of escalating global cyberattacks.
Cybercrime cost the world US$ 6 trillion in 2021, reflecting a 300% hike in online criminal activity in the past two years. Remote working, cloud-based platforms, malware and phishing scams have led to skyrocketing data breaches, while the rollout of 5G and Internet of Things (IoT) devices has made us more connected – and vulnerable – than ever.
Dr Yousef Amer and colleagues from Pakistan, the UAE and Western Sydney University highlight numerous security weaknesses in website applications and how these are costing organisations dearly. Due to the widespread adoption of eCommerce, iBanking and eGovernment sites, web applications have become a prime target of cybercriminals who want to steal individual and company information and disrupt business activities.
Despite a projected US$ 170 billion global outlay on internet security in 2022 against a backdrop of escalating and more severe cyberattacks, existing web scanners are falling way short when it comes to assessing vulnerabilities, according to Dr Amer.
The team identified that most of the publicly available scanners have weaknesses and are not doing the job they should. Nearly 72% of organisations have suffered at least one serious security breach on their website, with vulnerabilities tripling since 2017. A world leader in web application security estimates that 86% of scanned web pages have on average 56% vulnerabilities. Among these, at least one is classified as critical. The researchers compared 11 publicly available web application scanners against the top 10 vulnerabilities.
The team found that no single scanner is capable of countering all these vulnerabilities, but the prototype tool caters to all these challenges and is a one-stop guide to ensure 100 per cent website security. There is an urgent need to audit websites and ensure they are secure if these breaches are to be curbed and companies and governments can save millions of dollars. The researchers are now seeking to commercialise their prototype.
The global cyber security market was valued at US$ 139.77 billion in 2021. The market is expected to grow to US$ 376.32 billion by 2029, exhibiting a CAGR of 13.4% during the forecast period. The COVID-19 pandemic has been unprecedented and overwhelming, with security solutions undergoing higher-than-anticipated demand across the world compared to pre-pandemic levels.
The key drivers of the cyber security market are the emerging online e-commerce platforms and the advent of core technologies such as the internet of things (IoT), artificial intelligence (AI), cloud security, and others. Key market players focus on developing internet security solutions based on artificial intelligence (AI) platforms.
The growing demand for solutions is anticipated to gain traction with cumulative investments from Germany, France, India, Spain, South Korea, Italy, Canada, and Qatar, among others. The growing adoption of enterprise security solutions from manufacturing, banking, financial services, insurance (BFSI) and healthcare is expected to drive market growth in the future.