Analyzing the security posture of South African websites

2015 Information Security for South Africa (ISSA) Pub Date : 2015-11-23 DOI:10.1109/ISSA.2015.7335063

J. Mtsweni

{"title":"Analyzing the security posture of South African websites","authors":"J. Mtsweni","doi":"10.1109/ISSA.2015.7335063","DOIUrl":null,"url":null,"abstract":"Today, public-facing websites are virtually used across all different sectors by different types of organizations for information sharing and conducting core business activities. At the same time, the increasing use of mobile devices in Africa has also propelled the deployment and adoption of web-based applications. However, as the use of websites increases, so are the cyber-attacks. Web-based attacks are prevalent across the globe, and in South Africa an increase in such attacks is being observed. Research studies also suggest that over 80% of the active websites are vulnerable to a myriad of attacks. This paper reports on a study conducted to passively analyze and determine the security posture of over 70 South African websites from different sectors. The security posture of the local websites was thereafter compared against the top ten (10) global websites. The list of the websites was mainly chosen using the Amazon's Alexa service. The focus of the study was mainly on the security defense mechanisms employed by the chosen websites. This approach was chosen because the client-side security policies, which may give an indication of the security posture of a website, can be analyzed without actively scanning multiple websites. Consequently, relevant web-based vulnerabilities and security countermeasures were selected for the analysis. The results of the study suggest that most of the 70 South African websites analyzed are vulnerable to cross-site scripting, injection vulnerabilities, clickjacking and man-in-middle attacks. Over 67% of the analyzed websites unnecessarily expose server information, approximately 50% of the websites do not protect session cookies, about 30% of the websites use secure communications, in particular for transmitting users' sensitive information, and some websites use deprecated security policies. From the study, it was also determined that South African websites lag behind in adopting basic security defense mechanisms when compared against top global websites.","PeriodicalId":126848,"journal":{"name":"2015 Information Security for South Africa (ISSA)","volume":"19 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-11-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 Information Security for South Africa (ISSA)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISSA.2015.7335063","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 3

Abstract

Today, public-facing websites are virtually used across all different sectors by different types of organizations for information sharing and conducting core business activities. At the same time, the increasing use of mobile devices in Africa has also propelled the deployment and adoption of web-based applications. However, as the use of websites increases, so are the cyber-attacks. Web-based attacks are prevalent across the globe, and in South Africa an increase in such attacks is being observed. Research studies also suggest that over 80% of the active websites are vulnerable to a myriad of attacks. This paper reports on a study conducted to passively analyze and determine the security posture of over 70 South African websites from different sectors. The security posture of the local websites was thereafter compared against the top ten (10) global websites. The list of the websites was mainly chosen using the Amazon's Alexa service. The focus of the study was mainly on the security defense mechanisms employed by the chosen websites. This approach was chosen because the client-side security policies, which may give an indication of the security posture of a website, can be analyzed without actively scanning multiple websites. Consequently, relevant web-based vulnerabilities and security countermeasures were selected for the analysis. The results of the study suggest that most of the 70 South African websites analyzed are vulnerable to cross-site scripting, injection vulnerabilities, clickjacking and man-in-middle attacks. Over 67% of the analyzed websites unnecessarily expose server information, approximately 50% of the websites do not protect session cookies, about 30% of the websites use secure communications, in particular for transmitting users' sensitive information, and some websites use deprecated security policies. From the study, it was also determined that South African websites lag behind in adopting basic security defense mechanisms when compared against top global websites.

查看原文本刊更多论文

分析南非网站的安全态势

今天，面向公众的网站实际上被不同类型的组织用于所有不同部门的信息共享和开展核心业务活动。与此同时，移动设备在非洲的日益普及也推动了基于web的应用程序的部署和采用。然而，随着网站使用的增加，网络攻击也在增加。基于web的攻击在全球范围内普遍存在，并且在南非可以观察到此类攻击的增加。研究还表明，超过80%的活跃网站容易受到无数的攻击。本文报告了一项研究，被动地分析和确定来自不同部门的70多个南非网站的安全态势。然后将本地网站的安全状况与全球排名前十(10)的网站进行比较。网站列表主要是通过亚马逊的Alexa服务选择的。研究的重点是所选网站采用的安全防御机制。之所以选择这种方法，是因为可以在不主动扫描多个网站的情况下分析客户端安全策略(它可以指示网站的安全状态)。因此，选择相关的web漏洞和安全对策进行分析。研究结果表明，在分析的70个南非网站中，大多数容易受到跨站点脚本、注入漏洞、点击劫持和中间人攻击的攻击。超过67%的被分析网站不必要地暴露服务器信息，大约50%的网站不保护会话cookie，大约30%的网站使用安全通信，特别是在传输用户敏感信息时，一些网站使用废弃的安全策略。研究还表明，与全球顶级网站相比，南非网站在采用基本安全防御机制方面落后。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2015 Information Security for South Africa (ISSA)

自引率

0.00%

发文量