Research Shows 82% of Security Breaches Start with Users

Research has now verified what most of us in the IT support business know: end user error is the key to security lapses. Don’t get me wrong, I’m not picking on the end users. In fact, the one thing I’ve long advocated for is end user training in cyber-security basics. If this were implemented globally in companies, we would see a major decline in identity theft and cyber-crime.

The problem here is that most companies seem uninterested in investing in this kind of training until a breach actually happens. Sad but true. That is changing, though, as the government is now holding companies responsible for lapses in security that expose customer information. How do hackers get the information to get in, and how do we fix this? Let’s dig into the major source of the problem: phishing.

Phishing is how 82% of data breaches originate, according to recent research. The DNC breach during the 2016 election is the best example of that. This method impacts everyone in their personal and business lives. We’ve all seen the emails that impersonate UPS, Dropbox, USPS, Chase Bank and others. Our spam filters and ISP blacklists are supposed to prevent these from getting to us, but hackers are creative and adaptable.

Recently, Microsoft’s own Office 365 users were attacked by several phishing emails that posed as notices from their own services. Some were notices that said “emails were returned or undelivered” and offered a link to look at them to fix the issue. The emails are genuinely convincing, and the phishing site you land on looks very much like a Microsoft login page. Some I’ve seen recently are even secured with SSL certificates, but with one major giveaway: the address in the address bar is obviously not Microsoft. There are two ways you get hit by these hackers:

  1. The website you are landing on is usually someone else’s that has been compromised. This means that malicious scripts are already looking for browser and computer vulnerabilities to exploit. Scripts run in the background without your knowledge, so notify your IT department if you accidentally go to one of these sites so they can check your machine for malicious code.
  2. Any information actually submitted is instantly routed to the hacker who planned it, who will start testing it to log in to Microsoft services and see what else they can exploit. If you do this by accident, notify your IT department immediately and request a password change. If you use the same password for other services, log in to those services and change your password immediately.

Best prevention method: train end users to recognize these emails when they get them, so they never land on these compromised websites. Train them to report such emails to IT staff, and train IT staff to identify compromised sites and notify the IT personnel who control those sites so they can secure them. It will take a team effort to put a dent in this problem.

An Easy Detection Method All End Users Should Practice

If you receive an email notice from any shipping company, bank or online service, do not trust it. Go to the company’s page directly in a browser to log in and see if there is actually an issue. Do not use the link provided in the email. Secondly, hold your mouse pointer over the “From” name in the upper part of the email. The actual email address it was sent from will appear in a pop-up bubble on most computer systems. IF THE EMAIL ADDRESS IS VERY LONG OR DOES NOT END IN THE ACTUAL COMPANY’S DOMAIN NAME, DELETE IT! For example, notifications from UPS usually come from an address like “notify@ups.com”, not “notify.ups.com@metoo.ru”. If this is a corporate email, don’t just delete it. Report it to your IT department so they can take appropriate action to notify others and take preventative action.
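For IT staff triaging reported messages, the same two checks (the sender's real domain and the host a link points to) can be scripted. This is an added example, not part of the original post; the brand-to-domain map, the function names and the `example.net` link are constructed for illustration.

```python
from email.utils import parseaddr
from urllib.parse import urlsplit

# Constructed allow-list for this example; maintain your own per service.
BRAND_DOMAINS = {
    "ups": {"ups.com"},
    "microsoft": {"microsoft.com", "microsoftonline.com", "office.com"},
}

def host_belongs_to(host, domains):
    """True only if host IS a trusted domain or a subdomain of one.
    Matching on a leading dot rejects 'fakeups.com' and 'ups.com.metoo.ru'."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in domains)

def sender_domain(from_header):
    """Domain after the last '@' of the real address, ignoring the display name."""
    _, addr = parseaddr(from_header)
    return addr.rpartition("@")[2].lower()

def check_message(brand, from_header, link):
    """Return a list of findings; an empty list means both checks passed."""
    domains = BRAND_DOMAINS[brand]
    findings = []
    sdom = sender_domain(from_header)
    if not sdom or not host_belongs_to(sdom, domains):
        findings.append(f"sender domain {sdom!r} is not a {brand} domain")
    host = urlsplit(link).hostname or ""
    if not host_belongs_to(host, domains):
        findings.append(f"link host {host!r} is not a {brand} domain")
    return findings

if __name__ == "__main__":
    # Constructed sample messages: (claimed brand, From header, link in body)
    samples = [
        ("ups", "UPS <notify@ups.com>", "https://www.ups.com/track"),
        ("ups", '"UPS" <notify.ups.com@metoo.ru>', "https://www.ups.com/track"),
        ("microsoft", "Microsoft <no-reply@microsoft.com>",
         "https://login.microsoftonline.com.example.net/owa"),
    ]
    for brand, frm, link in samples:
        print(frm, "->", check_message(brand, frm, link) or "ok")
```

A passing result only means the visible sender and link domains match the brand; it does not prove the message is authentic, so reported mail should still be reviewed.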

We now do training, both on-site and via webinar, that will educate your employees on the basics of cyber security practices and teach them how to safeguard important information and how to safely transmit it.

For more information, contact me at rtrembath@quasardata.com.