Over 300 websites owned by the 30 biggest private companies in the UK contain flaws in their content management systems (CMS) that leave them open to a ‘Panama Papers’ security incident.
Research by security firm RiskIQ found that 1,069 websites identified as belonging to the top FTSE 30 companies are hosted on WordPress or Drupal, and the firm was able to find the CMS versions of these pages for 773 of them.
Common Vulnerabilities and Exposures known to affect WordPress or Drupel CMS platforms were found on 307 of the systems.
“That represents 40 per cent of the total number of sites where the version is known, and 29 per cent of the overall total. The real percentage of vulnerable CMS instances lies somewhere in between,” the firm said.
Ben Harknett, vice president of RiskIQ, explained that using platforms that contain flaws exposes businesses to the risk of having vital sensitive information accessed and stolen.
“Today’s cyber criminals research an organisation’s digital footprint looking for the soft targets to exploit, and content management systems rank high on their list,” he said.
“By running publicly accessible infrastructure and applications with known vulnerabilities we’re making their job easier. That so many exposures exist in our top FTSE companies speaks to the size of the problem."
RiskIQ said that companies should ensure that any CMS tool in use is regularly maintained and updated so that it does not provide an easy way in for hackers.
"In many cases they are not tier 1 applications set up and supported by central IT and this can all too often result in a set-up-and-forget approach," the firm said.
"Keeping a watchful eye on CMS instances is important to the overall security posture of any organisation."
The Panama Papers saw a huge trove of information on the financial affairs of rich and influential people the world over, including David Cameron, and few business execs would like having their firm's confidential information stolen and published for all the world to see.
Ultra-high-end all-in-one PCs from HP feature either 24-inch or 27-inch displays
Roomba 'smart' vacuum cleaner company iRobot plans to sell maps of users' homes to Apple, Amazon and Google
'Smart' products spying on their owners and selling the data for profit? Who'd have thought it!
TNT Express still struggling with NotPetya malware - crucial documents remain locked up in borked systems as staff grapple with manual procedures
TNT depots over-flowing with parcels as the company struggles to recover from NotPetya - while Reckitt Benckiser reports 'ongoing' recovery
Full roll-out of Android O expected within weeks