When talking about cybersecurity, we immediately think of technological tools such as antivirus software, firewalls, encryption keys … this is a mistake. The weakest point in the system is most often the human being, and strengthening this area should be a priority. The four most common cyberattack vectors all have a direct link with our own human weaknesses:
- Phishing
- Ransomware
- Weak passwords
- BYOD (bring your own device)
We need to understand how these types of attack work in order to be able to combat them.
Phishing is a technique used by hackers to obtain personal information in order to commit identity theft. The fundamental idea is to make victims believe that they are dealing with a trusted third party (their bank, local administration, etc.) in order to collect personal information such as passwords, credit card numbers, dates of birth, etc. It is a form of computer-based attack based on social engineering. It can be carried out via e-mail, falsified websites or other electronic means. Computer criminals generally use phishing to steal money. The most common targets are online banking, Internet service providers and auction sites such as eBay and PayPal. “Spear phishing” is a variation of phishing that typically affects businesses. Unlike traditional phishing, these attacks are targeted at a particular individual in the organization, typically one high enough in the hierarchy to make the attack more damaging.
Ransomware is malicious software that can infect our computers in different ways. Currently the most widespread type arrives as an email containing a corrupted attachment or link. Once the attachment or link is opened, the malicious application encrypts all documents reachable from that computer, whether they are on the infected computer, on an external disk, or on a networked disk that the computer can access. The encryption process starts with the least viewed files, so it is not immediately obvious that an attack has begun. Encryption can take some time, depending on the amount of data present. Once it is complete, the device is locked and a message informs the user that a sum of money has to be paid to retrieve the locked data. Payment is usually requested in Bitcoin, which guarantees the anonymity of the transaction. The best way to protect yourself from ransomware is prevention in the form of regular backups. For safety, some good practices must be observed:
- Update your software: this includes browser plug-ins, Flash player, Java, Silverlight, …
- Do not open attachments and do not click on links from unsolicited emails. Links can be checked using CIRCL’s ‘Abuse URL’ tool.
- Update your antivirus software.
Passwords are the foundation of any security policy. They must be strong and unique, two characteristics that can be difficult to reconcile. Here are three tips to help you get there.
a. Strength: “brute force” attacks become more powerful every year. It is therefore important to have a strong password with a large number of characters (12 minimum), including both digits and special characters. Dictionary words are to be avoided. Variants of dictionary words such as “B0njour” or “Pa$$w0rd” should also be avoided, as cybercriminals know them. It is always better to use sequences of random characters or, even better, to take the first letters of a phrase or sentence and then add numbers or special characters.
b. Uniqueness: this is probably the biggest challenge for most users. It is virtually impossible to remember a large number of quality passwords that meet the requirements above, and keeping them on post-it notes is not a good idea either. There are two possibilities to help you manage complex passwords:
- Start with a high-quality “keyword root” and then add suffixes (numbers or the initials of the services used);
- Use a password manager. This solution is interesting because it allows users to generate high-quality passwords without having to remember them. It also alerts you when a service has been attacked, which prompts users to change their passwords more quickly. However, users have to be careful when creating and remembering their strong “master password”, and should enable two-factor authentication on any online password manager.
c. In all cases, two-factor authentication should be activated whenever possible, and should be mandatory for “sensitive” services such as webmail, social networks, financial services, etc.
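The strength rules above (12 characters minimum, digits and special characters, no dictionary words and no leet-speak variants such as “B0njour” or “Pa$$w0rd”, passphrase initials plus a suffix) can be turned into an automated check. The following is an added example, not code from the original article; the word list and the leet-substitution table are constructed for illustration, and a real deployment would load a full dictionary.

```python
import re

# Common character substitutions used to turn dictionary words into
# "B0njour"-style variants; undoing them exposes the underlying word.
LEET = str.maketrans({"0": "o", "1": "i", "3": "e", "4": "a",
                      "5": "s", "$": "s", "@": "a", "7": "t", "!": "i"})

# Constructed toy dictionary (assumption for the example only).
DICTIONARY = {"bonjour", "password", "welcome", "letmein", "sunshine", "dragon"}

MIN_LENGTH = 12


def normalize(pw):
    """Lower-case, undo leet substitutions and keep only letters."""
    return re.sub(r"[^a-z]", "", pw.lower().translate(LEET))


def check_password(pw):
    """Return the list of policy violations; an empty list means the password passes."""
    problems = []
    if len(pw) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    if not re.search(r"\d", pw):
        problems.append("no digit")
    if not re.search(r"[^A-Za-z0-9]", pw):
        problems.append("no special character")
    core = normalize(pw)
    if core in DICTIONARY:
        problems.append("dictionary word or leet-speak variant of one")
    else:
        # Longest words first so the most specific match is reported.
        for word in sorted(DICTIONARY, key=len, reverse=True):
            if len(word) >= 5 and word in core:
                problems.append(f"contains dictionary word {word!r}")
                break
    return problems


def from_phrase(phrase, suffix):
    """Build a password from the first letters of a phrase plus a suffix, as the tip suggests."""
    initials = "".join(w[0] for w in phrase.split() if w[0].isalpha())
    return initials + suffix


if __name__ == "__main__":
    for candidate in ("B0njour123!", "Pa$$w0rd2024!",
                      from_phrase("My dog ate three red apples in the garden last Sunday", "#7")):
        print(candidate, "->", check_password(candidate) or "OK")
```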
To BYOD or not to BE
Tablets and smartphones have been making their way into the business world for quite some time. This trend is referred to as “Bring your own Device” (BYOD). Their advantages in terms of productivity and mobility no longer need to be demonstrated. But by their very nature these new tools introduce new risks: because they are portable, they are exposed to threats outside the office environment, such as mobile networks or unsecured Wi-Fi, loss or theft, malware … It is therefore essential to supervise the use of these devices through a specific security policy, supported by control and inventory tools for the tablets and smartphones that connect to the enterprise’s network or use certain professional applications.
The 5th Element
These four factors of vulnerability depend very much on a 5th element: the human factor. When everyone knows where vulnerabilities can lie and makes an effort to adopt good practices, the cyber resilience of the business ultimately increases. Employee awareness is therefore essential to progress safely in the digital world.