igor - Fotolia

Stoke-on-Trent websites found to be most leaky ahead of GDPR

The majority of websites in the UK could be prone to cyber attacks, a security scan across 135,035 sites has revealed

Stoke-on-Trent is the area of the UK most likely to have vulnerable websites, according to a security bot scan from CyberScanner.

The company reported that out of the 167 websites its CyberMonitor tool scanned in Stoke on Trent, only 15 were found to be free of vulnerabilities.

Swansea followed close behind among cities with the highest proportion of vulnerabilities. CyberScanner reported that 250 (91.02%) out of the 275 sites scanned in Swansea had vulnerabilities.

The least number of vulnerabilities was found in Sunderland, where 131 (81.37%) sites out of 161 contained vulnerabilities.

The scanner was also able to identify that of 24,723 websites commercially based in London, 86% had serious security issues, while 85% of websites in Manchester, Birmingham and Bristol were also found to have vulnerabilities.

The non-intrusive monitoring conducted by CyberMonitor discovered that many websites suffered from serious security issues. The most common of these were based around cross-site scripting (XSS), SQL injection, cross-site request forgery (CSRF), and SSL certificate problems.

Scanning throughout the UK between 16 and 23 March 2018 revealed that 87% (117,638) of the 135,035 sites scanned contained serious security flaws.

When CyberScanner analysed the types of websites more prone to vulnerabilities, it found estate agent websites had the highest proportion of vulnerabilities (91.4%), ahead of adult sites (89.8%).

Websites about pets were broadly 10% less vulnerable, although 84 of the 104 pet sites (80.77%) analysed were found to contain vulnerabilities. Sports sites were found to be the least vulnerable, but again, CyberScanner reported that over 80% of them were found to contain vulnerabilities.

Although companies in the UK are now just one month away from the General Data Protection Regulation (GDPR) deadline, the statistics show that the vast majority of UK-based businesses are still vulnerable to cyber attacks and hacking, warned CyberScanner’s technical director, Reza Moaiandin.

Read more about website attacks

  • In this excerpt from chapter nine of Securing SQL Server, author Denny Cherry discusses why SQL injection attacks are so successful.
  • What are the main web security challenges for organisations and how are they best addressed?

Read more on IT legislation and regulation