Human Participation Lies Behind 99% Of Cyber Attacks
As we now know that effective email cyber attacks often need the targeted victim to open a file, or click on a link, that is in the fake email you have received. While a tiny fraction of attacks target software faults to compromise systems, the vast majority of cyber crime, some 99%, require some level of human input to make it happen.
This analysis and investigation comes from our research at Cyber Security Intelligence and is based on work and reporting we have done in discussion with cyber security and commercial partners over the last three years. What has become obvious is that the global cyber crime rate has significantly increased year on year and that phishing attacks are becoming increasingly sophisticated.
The cyber criminal operations now going on have an estimated financial impact of at least $450 billion worldwide.
While Internet dependency and the digital economy are flourishing, 68 percent of business leaders said their cybersecurity risks are also increasing. Whether by accident or intent, many employees are often the root cause of successful cyber attacks. It's often difficult to distinguish a malicious email from a regular one because attackers will tailor attacks to look as if they come from a trusted source, such as cloud service providers like Microsoft or Google, colleagues and the CEO.
This social engineering is the key element in making effective attacks work and hackers are copying how the organisations operates to improve their hacking attack rates.
As most people use their phones to manage financial operations or handle sensitive data outside the security of their home network, this becomes a prominent threat. The fact that users typically hold all their information on their phone, and this seriously increases the security risk if the device is lost or stolen.
For example, a user might be suspicious of an email claiming to come from a colleague that arrived in the middle of the night, but one which arrives in the middle of the working day is more likely to be treated as a legitimate email, with the potential for the victim to accidentally set the ball rolling for an attack.
Phishing is one of the cheapest, easiest cyber attacks for criminals to use, but the reason it remains a cornerstone of hacking campaigns is because, phishing works.
While many phishing attacks are designed to look highly legitimate, there are ways to identify what could potentially be a malicious attack. For example, unexpected emails that are based around a sense of urgency could be viewed as suspicious. If a user is in doubt, they could contact the supposed sender of the message to see if it is a legitimate message.
Organisations should ensure they have proper and reasonable frequent cyber training for all employees as this reduces the likelihood of cyber-attacks gaining access by at least 80%.
Update your software and security patches every six months or so as this decreases the effects of malware that relies on known vulnerabilities within your systems. With new advances in AI-driven technology, utilizing AI in cyber attacks will become an even more popular and dangerous trend.
For more information, please contact Cyber Security Intelligence.
You Might Also Read:
Dealing With Malicious Emails: