A quarter of cyber attacks executed in the UK in 2013 were mainly targeted at the web application layer, with technology firms being most at risk, accounting for about one-third of all attacks, a report from NTT Com Security has found.

About 59% of the UK malware attacks and 48% of botnet activity were also mainly targeted at the technology industry.

The analysed information from the company’s security operations centres (SOCs) across Europe revealed that majority of web application attacks were in the form of cross-site scripting (XSS) and SQL injection attacks.

Other major drivers for web app attacks included data exposure and investigation to collect statistics about system vulnerabilities.

NTT Com Security global security strategy director, Garry Sidaway, was cited by Infosecurity as saying that technology companies in the UK are typically at the forefront of change within their global organisations, leading to an increase in threats and attacks.

"This sector typically has services and provides technologies that cross multiple sectors, making it a prime target," Sidaway added.

Suggesting a greater focus on developing secure coding standards and education and training programmes for app developers, Sidaway said: "Without exception when we talk to business about applications, their first statement is that most of the applications were developed years ago and ‘we don’t touch them.

"The second most common comment is that ‘we test and have development life cycles, but there is huge pressure to get applications into production quickly."

The security firm suggested that a combination of intrusion detection and active log (SIEM) monitoring would make it easier to detect attacks against web applications, and highlight hackers’ attempts to break further into the infrastructure.