Tuesday, October 3, 2017

90% of cyberattacks traced back to human error: Making cybersecurity a workplace culture

How do cyberattacks happen? It's a simple question, but one that requires a complex answer.

The 2017 Data Breach Investigations Report from Verizon is a good starting point in understanding the vast scope of possible attack vectors today's organizations face. The risks run the gamut from malicious insiders - individuals who misuse or escalate their access privileges - to external distributed denial-of-service (DDoS) campaigns.

The specific type of attack a given target is likely to face will vary widely, depending on its industry, size and the forms of data it handles. However, there is at least one common thread that runs through almost all cyberattacks: human error.

How human error both initiates and amplifies cyberattack damage

According to a report from the Willis Towers Watson consultancy, human error was behind 90 percent of the claims it had examined in the wake of data breaches, with a further breakdown revealing that:

  • Employee negligence was a factor in two-thirds of the incidents it assessed.
  • External threats (18 percent) and extortion (2 percent) were much less common causes.

This huge gap may seem surprising at first, but it makes sense on some level: think of how much easier it is for someone to leave a laptop in an unsecured location than it is for a cyberattacker to get past the various defenses protecting a modern IT network.

Such theft of poorly secured devices and data is often only the start of trouble for victims. The information contained in them - such as passwords or sensitive records - may allow for subsequent breaches. Accordingly, it is common for firms that either know or suspect they have been attacked to mandate that their employees and/or customers reset their passwords. The global accounting firm Deloitte forced one such change in October 2016, when it first realized that someone may have infiltrated its IT infrastructure.

Email security is a common realm of human error.

What types of human error should you be concerned about?

The Willis Towers Watson assessment is not an outlier. The 2016 Cyber Security Intelligence Index found that 60 percent of all cyberattacks were carried out by insiders, with human error a major precipitator of such incidents. Some of the specific issues include:

1. Poorly managed administrator credentials

Administrator accounts are immensely powerful by definition. However, the security controls and failsafe measures for preventing their misuse are often inadequate. An easily guessed default password or the transmission of credentials via unsecured email can give unauthorized users all they need to cause trouble.

How do we know administrator account protections are not up to par? Consider the many changes to administrator privileges in Microsoft Windows Server 2016. It includes advanced features, such as "just enough administration," that vastly limit the scope and duration of administrator privileges.
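The JEA mechanism mentioned above, as an added example that is not from the article or from Microsoft's documentation: a minimal Just Enough Administration endpoint that lets a helpdesk group restart one service and read two event logs, and nothing else. The group name CONTOSO\HelpdeskOperators, the user CONTOSO\alice, the module name HelpdeskJEA and the role name HelpdeskRole are assumed placeholders; it must be run as an administrator on Windows Server 2016 / PowerShell 5.1 or later.

```powershell
# Added example (assumed names): build a JEA endpoint that limits both the
# scope (visible commands and allowed parameter values) and the duration
# (a per-session virtual account) of administrative privilege.

# Role capabilities must live in the RoleCapabilities folder of a valid module.
$moduleRoot = Join-Path $env:ProgramFiles 'WindowsPowerShell\Modules\HelpdeskJEA'
$roleDir    = Join-Path $moduleRoot 'RoleCapabilities'
New-Item -ItemType Directory -Path $roleDir -Force | Out-Null
New-ModuleManifest -Path (Join-Path $moduleRoot 'HelpdeskJEA.psd1') | Out-Null

# Scope: only these cmdlets are visible; Restart-Service only for the Spooler
# service, Get-EventLog only for the Application and System logs.
$roleParams = @{
    Path           = Join-Path $roleDir 'HelpdeskRole.psrc'
    VisibleCmdlets = @(
        'Get-Service',
        @{ Name = 'Restart-Service'; Parameters = @{ Name = 'Name'; ValidateSet = 'Spooler' } },
        @{ Name = 'Get-EventLog';    Parameters = @{ Name = 'LogName'; ValidateSet = 'Application', 'System' },
                                                  @{ Name = 'Newest' } }
    )
}
New-PSRoleCapabilityFile @roleParams

# Duration and accountability: RestrictedRemoteServer disables the scripting
# language; the virtual account is a temporary local administrator that exists
# only while the session is open, so no standing admin credential is handed out;
# every session is transcribed for later review.
$sessionParams = @{
    Path                = Join-Path $env:TEMP 'HelpdeskJEA.pssc'
    SessionType         = 'RestrictedRemoteServer'
    RunAsVirtualAccount = $true
    TranscriptDirectory = 'C:\ProgramData\JEA\Transcripts'
    RoleDefinitions     = @{ 'CONTOSO\HelpdeskOperators' = @{ RoleCapabilities = 'HelpdeskRole' } }
}
New-PSSessionConfigurationFile @sessionParams
Test-PSSessionConfigurationFile -Path $sessionParams.Path   # $true when the file is valid
Register-PSSessionConfiguration -Name 'HelpdeskJEA' -Path $sessionParams.Path -Force | Out-Null

# Check: list exactly what a member of the group can run before anyone connects.
Get-PSSessionCapability -ConfigurationName 'HelpdeskJEA' -Username 'CONTOSO\alice' |
    Select-Object Name, CommandType
```

A helpdesk user then connects with Enter-PSSession -ComputerName <server> -ConfigurationName HelpdeskJEA and sees only the commands listed by Get-PSSessionCapability.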

It is always a good idea to implement such security measures if they make sense. Two-factor authentication - which requires an additional credential beyond the username/password combo - is also useful as an extra layer of protection against mistakes.

2. Misaddressed emails and other data leakage

Email is notorious for its porous security and propensity for data leakage. It's no surprise that numerous protective mechanisms - such as PGP encryption and automatic spam filters - have been tacked on to it over the years. It still has its shortcomings, however, if only because of its age.

What if someone sends an email containing sensitive data to the wrong address? This mishap is so common that a startup committed to solving the problem raised a $2.7 million round of funding in April 2017, according to VentureBeat.

Its service is designed to cross-reference would-be recipients against historical company email data. But a better and likely more cost-effective option is to avoid the transmission of sensitive data in unencrypted email in the first place, so that a "wrong send" is not a catastrophe.

3. Falling for phishing

Phishing takes advantage of the weakest link in the security chain at many organizations: their employees. An otherwise secure network can be vulnerable to phishing attacks, which attempt to entice email or social media users to follow malicious links.

The 2017 State of the Phish Report from Wombat Security Technologies found that over three-fourths (76 percent) of information security professionals surveyed had been victims of attempted phishing. The error is simple - clicking on something - but the consequences can be immense and may include the infection of a company network with malware.

Shoring up your security by changing your company culture

Cybersecurity isn't strictly about which technical solutions you implement. It's also about the kind of culture your organization creates. Are employees trained in how to identify phishing emails? Are there clear protocols for the exchange of sensitive information?

You can contribute to a culture that promotes cybersecurity by obtaining key certifications such as CompTIA Security+ and completing coursework in topics such as Cisco security, both at New Horizons Computer Learning Centers. View our complete course and certification listings here, then be sure to check out our webinars page for related content throughout National Cybersecurity Awareness Month.