The Cyber Security Threat From Employees

Uploaded on 2020-08-04 in NEWS-Cybersecurity News, JOBS-Training, JOBS-Careers, FREE TO VIEW

One of the biggest threats to cyber security in any organisation comes from its employees, even if they aren’t behaving maliciously. We all make mistakes. We are only human, after all. Unfortunately, when it comes to cyber security, that’s also kind of the problem. The human factors in cyber security are one of the biggest challenge when building an effective threat prevention strategy.

Human error is the leading cause of data and security breaches, responsible for over 90 percent of such incidents as they are not predicable, whereas technology and computers are predictable. 

Computer systems and tech related appliances will conduct the exact task they have been coded to perform. They have no free will nor will they apply their own decisions. They cannot interpret the orders given to them depending on whether they make sense, or, if they are ethical or not. Therefore, they are reliable.

On the other-hand people are weak in security awareness and governed by emotions, characteristic traits, personal views and ideologies that dictate their actions each day. 

Furthermore, they are manipulated by persuasion or curiosity and are susceptible to everyday mood changes. People are the weak link between an intruder and security and their behavior can lead to exploitation. Cyber-crime is solely human related and security is a people problem. 

Three reasons explain why technology and security are inter-correlated with humans. 

  • Firstly, people are in control of systems and technology, not the other way around. 
  • Secondly, people have monetary or data gains from exploiting it. 
  • Thirdly, there are victims that provide an easy target for malicious behavior. 

As a consequence, even though security tools and software are rapidly adapting to new complex threats, the threats are also changing to overcome the new barriers. Humans are adaptable and innovative and they can interpret instructions. Common mistakes from individuals can answer the question why is ransomware and other threats still spreading.

In order for any type of malware to run in a computer it has to be executed by a user. Firstly, it has to be downloaded and secondly, it has to ask for permission to run in the system. 

Both actions require a human to authorise them, whether the user knows what he or she is downloading. For that matter we need to make a clear distinction between intentional and thus malicious user and unintentional or naive user. Malicious users mainly exist inside organisations and companies that employ them.

The malicious insider usually possesses some level of technical skills and has a deeper motive behind his actions, namely, revenge for his mistreatment by a company or dissatisfaction for his salary. These attacks are specific and offer insight on the attacker himself. However interesting, the main issue at hand are everyday users who lack knowledge and motivation to adapt with technology. These users, named unintentional insiders, are the main issue that shed light to the human factor in the majority of ransomware attacks.

Ignorance is a key concept present in many cases of users. More often than not this will lead to accidental downloads of files the user doesn’t recognise or knows what they are. The failure to identify them makes the user curious as to what they are or if they are useful. 

Furthermore, the attack may seem like an official site or file that asks the user to download it and run it. In similar tests about Phishing e-mails, which are categorised as social attacks. Humans believe that such threats and attacks don’t involve them and would never happen. This leads to behavioral patterns like using simple passwords to access the system or even the same password for various systems.

Often an attack will be caused by a current or former employee, contractor, or business partner who has or had authorised access to an organisation’s network, system, or data and intentionally exceeded or misused that access in a manner that negatively affected the confidentiality, integrity, or availability of the organisation’s information or information systems. 

When security incidents happen at a business, it’s important that employees are on hand to either spot the breach, or mitigate the risks. After all, while employees can pose a risk to companies (as seen in our findings thus far), they also have an important role to play in helping protect the companies they work for. However, employees don’t always take action when their company is hit by a security incident. In fact, in 40% of businesses around the world, employees hide an incident when it happens.

Technology is always changing and adapting, following the speedy evolution of systems, while users may fall behind. Hard to use new technologies that are introduced without firstly slowly introducing the changes can cause confusion to users, especially when they are not experts to the field.

Small and medium businesses are being targeted by cyber criminals much more frequently than individuals and they often end up paying ransomware to the hackers.

Organisations often bury the incident and do not report the attack. The dark number of ransomware attacks is such due to the fact that admitting it means the organisation or business lacked security procedures and placed their client’s data at risk. In the worst case scenario, the decryption key provided by the attacker is false and will not unlock the infected system, forcing the victim to report the crime.

In order to overcome these potential deficiencies organisations should implement a wide variety of training schemes in an attempt to educate end-users and we recommend GoCyber as a training package to test as it really engages and improves employees and managements cyber security.

Vircom:        NIST:       Kaspersky:      Dark Reading:         iCIO:          ResearchGate:       Semantic Scholar

You  Might Also Read:

Every Single Employee Requires Cyber Security Training:

 

« China's Surveillance State Extends Beyond Its Borders
Unicorn Hacked By ShinyHunters »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

Prolinx

Prolinx

Prolinx provide secure Data Centre hosting services and other fully managed security services for networks and information systems.

RSA Insurance Group

RSA Insurance Group

RSA is one of the world’s leading multinational quoted insurance groups. Commercial services include cyber risk insurance.

Cobwebs Technologies

Cobwebs Technologies

Cobwebs Technologies provide web intelligence solutions for Law Enforcement (including cybercrime), Intelligence Agencies and Federal Agencies.

Robert Half Technology

Robert Half Technology

Robert Half Technology offers a full spectrum of technology staffing solutions to meet contract and full-time IT recruitment needs.

Augur Security

Augur Security

Augur Security (formerly SecLytics) is the only cybersecurity platform using AI-powered behavioral modeling and agentic automation to reliably predict and block threats before they launch.

TorGuard

TorGuard

TorGuard is a Virtual Private Network services provider offering secure encrypted access to the internet.

Langner

Langner

Langner is a software and consulting firm specialized in cyber security for critical infrastructure and large-scale manufacturing.

Hysolate

Hysolate

Hysolate has transformed the endpoint, making it the secure and productive environment it was meant to be.

iZOOlogic

iZOOlogic

iZOOlogic protects hundreds of the world’s leading brands, across banking, finance and government from cybercrime. We provide strong cyber defence solutions to protect client digital assets.

LogicalTrust

LogicalTrust

LogicalTrust security testing specialists find the weakest points in your company and show you how to fix them step-by-step, as well as how to improve your security.

ProLion

ProLion

ProLion provides Data Integrity solutions that ensure organisations’ data remains secure, compliant, manageable and accessible.

OSI Security

OSI Security

OSI Security's primary services include penetration testing, security auditing, web application security testing and risk management.

Orca Technology

Orca Technology

Orca is a UK-based Managed Service Provider delivering end-to-end managed IT services, support, hosted desktop, cloud solutions and strategic guidance.

Network Coverage

Network Coverage

Network Coverage align, maintain, and integrate technology and cloud solutions with business operations to improve productivity and security with as few issues and disruptions as possible.

Promptfoo

Promptfoo

Promptfoo helps developers and enterprises build secure, reliable AI applications.

Memgraph

Memgraph

Memgraph, is an in-memory graph database designed for real-time applications such as risk assessment, 360-degree data and network data exploration, and supply chain and network logistics.