While causes of cyber attacks vary, some occur again and again. Here are the top three ways we’re letting the criminals in.
We all take steps to keep our homes and our possessions safe. Whenever we go out, we lock our doors and close our windows so criminals can’t find an easy way in.
Why, then, do we act so differently when it comes to cyber security?
Let’s explore three of the key factors that compromise cyber security and increase the likelihood of cyberattacks such as hacking, phishing, malware or identity theft to name but a few.
1. Lack of security assistance
Too few people are aware of the simplest steps to increase cyber security. What’s more, most don’t have easy access to the resources they need, when they need them. Take passwords. It’s known the stronger your password is, the more secure your account will be.
In 2019, 23 million online accounts were still using the password “123456”. 71% of accounts are protected by passwords used on multiple websites. Our password habits need to change.
The best time to let people know about the strength of their passwords is when they’re setting up accounts. Simple bits of information like ‘how long the password would take to break’, or ‘whether it’s ever appeared in a known data breach’ can both greatly improve the strength of passwords at the account setup stage and in turn help prevent an unauthorized access to personal data and accounts such as banking, emails or social media.
2. System vulnerabilities
When cybercriminals spot a weakness, they pounce on it which in best case can e.g. temporarily block a website (DDoS attack) or worst, lead to a full security breach. That’s why system vulnerabilities can be so dangerous.
In January 2020, American software developer SolarWindswas subject to a cyber attack. Cyber criminals exploited a vulnerability in the company’s software after employees shared details of the system flaw online. The attackers succeeded in stealing the administrative credentials of an account holder and it is thought the same group was behind ransomware attacks that crippled 22 cities in Texas.
Minimising the threat of such attacks requires a combined reactive and preventative approach. As well as having the right security software, computer systems and network settings in place, it’s important to keep software up-to-date. This means installing software updates and patches as soon as they become available as they may fix vulnerabilities.
3. Assessing risk
Criminals want us to underestimate the risk of cyber attacks. The more we underestimate, the easier things are for them. Unfortunately, everyone’sability to calculate risk is poor!
Example of car accidents and plane crashes. Statistically, flying is far safer than driving. Yet, as many as 1 in 6 people have a fear of flying, while few people worry about driving their cars every day.
Quirks such as the above make it difficult for humans to calculate risk. Something known as the normalcy bias tricks us into thinking the future will be like the present.
In other words, we’re unable to calculate the risk of a cyberattack so we conclude such a risk probably doesn’t exist.
But the risk of cyberattack is very much real.
In fact, it’s a risk that’s growing every day. To reverse this trend, we need to begin protecting ourselves online. Ordinary people need to know the risks of cyber attacks (phishing, ransomware, malware), as well as the basic preventative measures they can take to keep safe from cyber crime.
Towards a more cyber secure world
Good advice exists and so do places to report a cyber crime such as the Internet Crime Complaint Center (IC3). But it’s all currently tucked away online, not available when and where people need it. Making information more accessible, in a way that is digestible, attractive and engaging can work wonders!
CybSafe’s Assist, Protect and Connect tools aim to provide this service. CybSafe Assist offers support and guidance on demand. It provides answers to cyber security questions when people need them most. CybSafe Protect is an interactive tool that helps improve security behaviour through goal setting. And CybSafe Connect is a mobile app that lets people access cyber security help wherever they are.
Cyber security awareness needs to become a useful part of everyday organisational culture. It needs to be something that reaches us and is relevant in our homes as well as in our places of work.
The risk of becoming a victim of cybercrime is becoming greater every day.
As things stand, our front doors aren’t just unlocked. They’re unlocked and wide open with welcome mats rolled out.
It’s time we take responsibility and do more about it.