Cross-Site Scripting (XSS) Makes Nearly 40% of All Cyber Attacks in 2019
December 2019 by PreciseSecurity.com
Cyber-attacks have targeted nearly 75 percent of large companies across Europe and North America over the last twelve months. According to PreciseSecurity.com research, almost 40 percent of all cyber-attacks in 2019 was performed by using cross-site scripting, which is hackers’ favorite attack vector globally.
Challenge and Opportunity to Learn are Main Reasons for Hacking Companies Cross-site scripting or XSS is a type of injection attack, in which malicious scripts are injected into trusted websites. Most of the XSS attacks are performed by using a web application to send malicious code, mostly in the form of a browser side script, to a different end-user. The statistics show SQL injection is the second most used attack vector globally, followed by fuzzing.
However, the 2019 surveys revealed some interesting facts about the global hacker’s reasons for choosing the company to hack. Nearly 60 percent of them named the challenge and the opportunity to learn as the primary reason for doing cyber-attacks. Forty percent of hackers perform the attacks because they simply like the company, while 36 percent of them want to test the security team’s responsiveness.
More than 72 Percent of Hackers Attack Websites
With 72.3 percent of all cyber-attacks happening on the websites, the 2019 data indicates this is the hackers’ favorite platform to perform attacks globally. Because of its massive user-base, WordPress is one of the prime targets of hackers, and 98 percent of WP platform vulnerabilities are related to plugins.
An application program interface (API) is the second most targeted platform with a 6.8 percent share in the global hacking incidents list. The statistics show that around 7 percent of hackers choose Android mobile and operating systems for performing attacks. Attacks aiming at downloadable software and the Internet make only 3.9 percent of all hacking incidents globally.