According to Verizon – the global provider of wireless services, top place of data breaches in 2014 is held by the “miscellaneous mistakes”: 29.4% against 25% in 2013.
Email “errors” are usual things for most people, but they can cause serious problems for large enterprises.
According to Verizon – the global provider of wireless services, top place of data breaches in 2014 is held by the “miscellaneous mistakes”: 29.4% against 25% in 2013. Approximately 30% of these types of mistakes are caused by computer or operating system malfunctions, but 60% of these mistakes are being caused by a human – the user of the computer. Verizon investigators divided user mistakes that led to error cases, into three cathegories:
- 30% – valuable information sent to incorrect receivers.
- 17% – non-public information published at open servers.
- 12% – improper handling with personal data
In order to solve the problem Verizon researchers playfully advise to “place your index finger on your chest, and repeat again and again: ‘I am the problem!’ as long as it takes to believe it”. That’s a joke, of course, but nowadays it has sense.
Except typical user mistakes, internal employees of the company can unintentionally help in the cyberattack simply by clicking on malicious links in emails from senders that look trustworthy and downloading different types of harmful software. And the percent of such “co-hackers” that opened these “phishing” emails was 23% in 2014. And 11% clicked on the attachments files and opened them.
Last year Verizon carried out an experiment on users’ behavior. And as a part of the test, a couple of their partners sent 150,000 phishing email letters. And the average time of opening the letter was only 82 seconds. “With users taking the bait that fast, the hard fact is that you simply don’t have enough time to react on these threats. Companies should educate their employees to prevent such situations in the future” wrote Verizon.
Also Verizon mentioned attacks on Sony, eBay, Home Depot and other major companies in 2014 and stated that large companies finally began to understand that they may become victims of internet attacks.
Another large company – Symantec, the leader in the field of protecting software released it’s own report of the last year. Where the main conclusions are:
- More than 300 million new pieces of malware were created last year, approximately a million per day.
- The number of ransomware attacks grew up to 113%
- The number of ransom attacks with user’s files encryption jumped at the extremely high level – over 4,000 percent, and that is more than enough to count this threat as serious.
- 70% of cyberattacks using social media expect user to pass the threat to others.
Researchers in Symantec state that 60 percent of all attacks are addressed to small and middle-sized companies because they have less money to spend on the security. Also Symantec specialists found that many companies neglect simple rules of defense, such as blocking executable files or closing any unneeded incoming ports on the computers. These are one of the basic security recommendations but they can protect you from the new threat – the infected software updates. These are the modified update files for the commonly used programs. Upon the execution of such an infected file, the malicious code gets in the users computer. So it means that an unsuspecting user infects it’s own computer.
Here is a short video, showing a typical phishing email.