iscover
ReporterShare this article on:
Powered by
MOMENTUM
MEDIA
In collaboration with an international team of researchers, UniSA has helped with developing a scanning tool designed to reduce website vulnerability from getting hacked and increase protection to cyber attacks.
Data breaches have skyrocketed since the shift to remote working environments, increasing reliance on cloud-based platforms due to malicious cyber actors leveraging on malware and phishing scams. While the rollout of 5G and internet of things (IoT) devices is set to enable more connectivity, it will increase attack surface vulnerability at the same time.
In the past two years, cyber crime has cost the world $6 trillion in 2021, reflecting a 300 per cent hike in online criminal activity.
The "Black Box Security Assessment" prototype, tested by engineers in Australia, Pakistan and the UAE, has been found to be more effective than existing web scanners that routinely fail to detect the top 10 weaknesses in web applications. The researchers compared 11 publicly available web application scanners against the top 10 vulnerabilities.
UniSA mechanical and systems engineer Dr Yousef Amer describes the development of the tool in the wake of escalating global cyber attacks, as one of the co-authors of a new international paper titled SAT: Integrated Multi-agent Blackbox Security Assessment Tool using Machine Learning.
"We found that no single scanner is capable of countering all these vulnerabilities, but our prototype tool caters for all these challenges. It's basically a one-stop guide to ensure 100 per cent website security."
Dr Amer and colleagues from Pakistan, the UAE and Western Sydney University, highlight numerous security weaknesses in website applications and how these are costing organisations.
"There's a dire need to audit websites and ensure they are secure if we are to curb these breaches and save companies and governments millions of dollars," Dr Amer said.
Web applications have become a prime target of cyber criminals who want to steal individual and company information and disrupt business activities due to the widespread adoption of e-commerce, iBanking and e-government sites.
According to Dr Amer, existing web scanners are falling short when it comes to assessing vulnerabilities, despite a projected $170 billion global outlay on internet security in 2022 as a result of escalating, and more severe cyber attacks.
"We have identified that most of the publicly available scanners have weaknesses and are not doing the job they should," Dr Amer added.
Since 2017, vulnerabilities have tripled, with nearly 72 per cent of organisations reporting at least one serious security breach on their website. Additionally, WhiteHat Security estimates that 86 per cent of scanned web pages have 56 per cent vulnerabilities on average; among these, at least one is classified as critical.
The "Black Box Security Assessment" prototype researchers are now seeking to commercialise their prototype.
[Related: Massive cyber attacks predicted to persist until Russian invasion ends]
Be the first to hear the latest developments in the cyber industry.
