Today, public-facing applications play a pivotal role in enabling businesses to interact with customers, partners, and stakeholders. These applications, ranging from websites to APIs and web services, serve as the digital storefronts of organisations, providing essential services and information to users worldwide.

But in its latest Incident Response report, Kaspersky found that public-facing applications remain the most common attack vector used by cybercriminals to infiltrate a victim’s system. In light of these findings, the cybersecurity experts are issuing guidelines to help businesses using these applications to remain cyber-resilient.

According to the latest Kaspersky Incident Response report 2023, compromising public-facing applications remained the most common method of cyberattacks, and one third of these applications were attacked via known vulnerabilities. It’s also noteworthy that over half of these vulnerabilities were discovered in 2021 and 2022. This initial vector was found in 42,37% of cases.

Alongside these alarming statistics, Kaspersky is unveiling its findings regarding the cybersecurity risks of public-facing applications that organisations must be aware of.

Understanding public-facing applications

Public-facing applications are software applications or services accessible to external users over the Internet.

Unlike internal-facing applications, which are typically used by employees within an organisation’s network, public-facing applications are designed to be accessed by anyone with an Internet connection.

These applications serve various purposes, including e-commerce platforms, customer portals, social media networks, and online banking systems, among others.

The cybersecurity dangers

Given their critical role in digital business operations, public-facing applications are often targeted by cybercriminals due to their exposure to the Internet. Here are some of the cybersecurity dangers associated with public-facing applications:

* Data breaches. Public-facing applications often store sensitive information such as customer data, payment details, and intellectual property. A successful cyberattack on these applications can lead to data breaches, resulting in the exposure of confidential information and financial losses.

* Malware infections. Cybercriminals may inject malware into public-facing applications to compromise user devices or steal sensitive information. Malicious codes hidden within web pages can infect users’ devices when accessed, leading to unauthorised access to data or financial fraud.

* Phishing attacks. Public-facing applications are prime targets for phishing attacks, where cybercriminals attempt to trick users into revealing sensitive information such as login credentials or financial details. Phishing attacks conducted via email, fake websites, or social media links can exploit vulnerabilities in public-facing applications to deceive unsuspecting users.

* DDoS attacks. Cybercriminals may launch DDoS attacks against public-facing applications to disrupt their availability and deny service to legitimate users. By flooding the application’s servers with traffic, DDoS attacks can overwhelm the infrastructure, causing downtime and financial losses for organisations.

* SQL injection and cross-site scripting (XSS). Vulnerabilities such as SQL injection and cross-site scripting can be exploited by cybercriminals to manipulate or steal data from public-facing applications. These attacks target the underlying code of web applications, allowing attackers to execute arbitrary commands or inject malicious scripts into web pages.

By understanding the cybersecurity risks associated with public-facing applications and implementing proactive security measures, organisations can enhance their resilience against cyberthreats, and safeguard their digital assets and reputation in today’s interconnected world.

“As organisations increasingly rely on public-facing applications to drive digital engagement, the cybersecurity risks associated with these platforms have never been higher,” comments Konstantin Sapronov, head of global emergency response team at Kaspersky. “Incidents such as data breaches and malware infections can have devastating consequences for businesses and their customers.

“At Kaspersky, we understand the importance of swift and effective responses to cyber incidents and offer specialised Incident Response services to help organisations detect, respond to, and recover from cyber threats. With this support, businesses can strengthen their cybersecurity posture and protect their digital assets with confidence.”