by | 7 Jul 2015

Hackers are opportunistic, what about you?

By innovating to adapt to new technologies and to consumers’ evolving habits, hackers remain faithful to the ancient and time-proven methods. They aim easy targets that are sure to yield results, typically the SMB and eCommerce profiles. Discover in this article how hackers know if your website is vulnerable and how to assess risks for your online shops.

More than 70% of cyber attacks exploit patchable vulnerabilities

A Verizon study (2015) on web breaches shows that hackers are highly opportunistic in nature , they aim easy targets. Unlike targeted attacks, when an attack is executed against a specific target, an opportunistic attack aims to exploit all vulnerable websites.

Attacks can be spread through various methods: phishing campaigns, malwares, Cross-Site scripting attacks (XSS), or SQL injection as we have seen recently with the famous Chief Jamie Oliver website:

Image from

This study underlines that 70% of cyber attacks exploit patchable vulnerabilities, meanwhile patches are already available , or vulnerabilities are easily patchable. Some of these vulnerabilities remain from 1999. Yes, you are not dreaming!

How do hackers know that my website is vulnerable?

They simply use Google or another search engines. They just have to search the right files name like login.php or config.php with keywords related to your beloved CMS or eCommerce platform.

Then, they just have to execute a script in order to test if the attack is properly working or not. As hackers are opportunistic, they performed automatic attacks and scripts that scan every single URLs ranked by Google for unprotected websites.

Even if your are a SMB with potentially no valuable date to steal, your network can be hijacked to become a proxy through which new attacks are launched. Your responsability is exposed. The attack can fall on your website by accident, as your eCommerce or SMB website is certainly ranked on search engines. Are you still thinking to be not a future target?

Evaluating risks for your eCommerce shop

The Verizon report underlines how websites can be vulnerable. Once the vulnerability is discovered and disclosed publicly, the vulnerability can be exploited for disastrous impacts.

Vulnerability assessment should be performed regularly in order to prevent a genuine attack on your eCommerce website. Continuous vulnerability assessment can reduce by 90% your attack surface and will really make a difference between being a potential victim or not.

OZON is a cybersecurity solution that assess your risk level for free in order to patch your vulnerabilities in a matter of clicks, until the full remediation. You do not believe me? Test your site for free on