Majority of websites vulnerable to attack

Two out of every three websites are open to cyber attacks, said US researcher Gartner.

John Pescatore, senior security analyst at Gartner, said website intruders could at the very least change the content and in some cases access information such as customers' credit card details.

"The defacement of websites is a very common occurrence," he said. "More than 5000 websites were hacked by August of this year."

Speaking at Gartner's European Symposium/ITXpo in Cannes this week, Pescatore said there are two different types of security threat: random and targeted.

"Random - such as hackers who use port scans to see who is vulnerable to attack, much like a thief testing doorknobs to see which are locked - and viruses, which are launched on the internet and not targeted at anyone in particular. Most attacks are random, and viruses are the most likely form of attack a company will see."

Pescatore said 80 per cent of companies worldwide will have already had a virus infection this year.

"But the most dangerous types of attack are the targeted attacks, such as denial of service and distributed denial of service attacks, where a hacker finds a vulnerable server and uses this to launch an attack on another company's servers until they crash. These types of attack are very difficult to stop or to trace."

Pescatore said some companies are beginning to use a system called 'self service' vulnerability testing where for about $5000 a year, a company's system is scanned over the internet for any vulnerability.

"Basically it is like you are rattling your own doorknob. Within the next year you will see security consultancies giving away these services so that you come to them for advice if they find a problem," he added.