News and sports websites have some of the lowest levels of security adoption, making them vulnerable to cyber attacks, a new study has found. Researchers looked at the security protocols used by the top 500 sites in various industries and online sectors.
They found that fewer than 10 per cent of news and sports websites used basic security protocols such as Transport Layer Security (TLS).Even those that do are not always using the “latest or strongest protocols”, researchers said.
“It is like news and sport content providers do not value the security of their content,” said Professor Alan Woodward, a cyber-security expert at the University of Surrey in the UK. “They are leaving themselves vulnerable to attacks like cross-site scripting, where an attacker can pretend something has come from a website when it has not,” said Woodward.
The study shows that some sectors seem much more security-conscious than others, ‘BBC News’ reported.The websites of computer and technology companies and financial organisations showed a much higher level of adoption than shopping and gaming sites, for example.
A quarter of the shopping sites studied were using TLS, which offers tools including digital certificates, remote passwords, and a choice of ciphers to encrypt traffic between a website and its visitors. The study was published in the Journal of Cyber Security Technology.