Cybersecurity: 5 Reasons Why Attacks Happen

Cybersecurity, and the mistakes we make.

Cybercrime has quickly become a major problem for home users, businesses and governments all over the world. This is because, according to Pew Research Center’s 2017 Report, far too many people are still making the same old, basic cybersecurity mistakes. While many have been making strides to become more cyber-aware, those who fall victim usually have committed one (or more) of the 5 reasons why cyber attacks happen. Read more to see if you’re part of this majority.

Reason #1:

Optimism Bias: “It won’t happen to me”

Whenever a person or business says this, it is usually followed by the below reasons:

• Our business is too small.
• We don’t have anything of value to hackers.
• The company doesn’t hold cash.
• Online business is not part of our company operations.
• We are smaller than our competitors.

The way our culture thinks is arguably the biggest issue with cybersecurity right now. Along with the misguided assumptions above, CEOs think they won’t be targeted, and home users think they’re not even in the scope. At this point in the game, everyone is a potential target.  Therefore, the “it won’t happen to me,” attitude will result in a large amount of poor security habits. Continue reading to see which poor security habits these include.

Reason #2:

Passwords: Still too easy to crack

According to CBS News Moneywatch, “security experts say a good hacker can break two-thirds of all passwords in existence today in a few minutes.” Weak passwords, such as “123456,” “password,” “12345678,” and “querty,” are shockingly still being used. Check out Online Owls blog, Top 25 Most Popular (and Worst) Passwords to see how bad these passwords really are.

Generic, guessable passwords can be easily cracked, and if you’ve used the same password across several accounts, beware of the repercussions. Cyber-criminals are taking advantage of brute-forcing passwords. This is an increasingly fast and easy way to crack passwords. This can be achieved if they are equipped with either the computing power, or they purchased this access via the dark web.

Generating random passwords or creating complex ones is the name of the password game. Consider utilizing a password manager, which will make your life much more easier (and secure.)

Reason #3:

Software updates: We push them to the back burner

We all know those notorious software updates. They seem to pop up when we’re doing something really important. So we click on that convenient “Remind Me Later” button and continue on. But of course, we’re reminded later, so we click on that “Remind Me Later” button again. And the cycle continues… with many people failing to understand just how important they are. Online Owls’ Software Updates Keeps the Hacker’s Away blog goes into further detail on why updates are so essential.

Cyber-criminals look to exploit out-of-date flaws, so when we fail to update, we’re essentially leaving our software and devices vulnerable to attack.  This was the case with the recent worldwide WannaCryptor ransomware cybersecurity attack on May 12, 2017. If the affected victims properly configured automatic operating system updates for all their PCs, then they may not have been vulnerable to WannaCryptor’s attack.

Reason #4:

Email Complacency: Spotting a fake is NOT obvious  

People keep falling for social engineering tactics. And, going back to Reason #1, we still believe it won’t happen to us. Instead, we need to remember that hackers are extremely good at what they do. The “quality” of their phishing emails have become more authentic-looking, the type of attacks have become more targeted, and therefore we need to be more vigilant. Keep yourself safe by carefully checking the recipient, the request, and be cautious of attachments. Read Online Owls’ Phishing Scams – Identifying Types and How to Prevent an Attack, and Phishing Emails – 10 Tips on How to Identify an Attack, to learn everything you need to know so you can spot that phish.

Reason #5:

Social media: The next playing field

Visiting social media sites, such as Twitter and Facebook, tend to invoke a casual atmosphere. We go there to escape work, to relax, or to catch up with our personal lives. People tend to let their guard down, and, the risk of letting certain information slip is greater. Because of this, cyber-criminals will use social media as a reconnaissance tool to socially engineer their targets.

For instance, say you’ve posted a photo of yourself at a PTA event promoting your child’s school. Attackers could fashion a spear-phishing email, designed to look like it’s from a fellow PTA member (a PTA directory list is bound to be on the school’s website). Within the fake email, they can request personal or financial information, of which you provide because the attackers designed the email to reflect a specific, personal situation in your life. And, unfortunately, you had posted all the clues that were used against you in this attack.

It’s imperative to be deliberate and realize that social media will always be attractive to cyber-criminals. But, there are ways you can reduce the risk of attack. The most important is how to make the best use of available privacy settings on all your social media channels. For more information on personal cyber-usage, read Online Owls’ Securing Your Home Network. 

 

Proactive cybersecurity can be achieved relatively simple:  by being vigilant. Use good password hygiene, conduct regular software updates, promote optimal email management, and be non-complacent on social media. Cyber threats are now a fact of life. Make sure you minimize the threat, and to minimize the impact when (not “if”) an incident occurs.