Human Error in Cybersecurity Breaches

Running a business is difficult work. There are so many factors you need to consider. One area of business that’s become increasingly more important is cybersecurity. Cyber-attacks are on the rise, so you’ll need to do everything you can to protect your company.

Cybercriminals are always looking for ways they can exploit organizations. One of the main ways they like to manipulate people is by taking advantage of human error. So, what exactly is human error in cybersecurity, and how can you protect your company?

This article explains some of the different kinds of human error that affect cybersecurity and offers security tips to help keep your company safe.

 

Physical Security Errors

Many people don’t consider physical security a part of cybersecurity. However, cybercriminals often resort to “real-world tactics” as companies are increasingly paying attention to things like firewalls, antivirus software, and data backups. If a criminal can physically get into your company property, they can damage your digital infrastructure. For example, they could install new keyboards that log keystrokes, insert malicious USB sticks into workstations, or simply walk out with sensitive hardware.

Letting unauthorized people into your company offices is a significant human error that can compromise your organization’s security. Given that this type of error could lead to a significant security breach, you’ll need to take measures to minimize this threat. For example, you might require employee swipe cards or use specific keys or access codes to enter the premises. You also need to ensure your employees know that letting unauthorized people into the offices poses a risk to the organization.

Another physical security error is when employees don’t properly secure the site. For example, they might go home without locking doors properly. This could allow unauthorized people to get in and access the computer systems. You can mitigate these kinds of problems by having clear expectations and responsibilities laid out. Everyone should know basic security rules and know who is responsible for locking up the property at the end of the workday.

 

Skill-Based Errors

In small-to-medium-sized businesses, people often make skill-based errors. This is when someone performs a task incorrectly, potentially causing a security risk. For example, a worker might fail to correctly set up antivirus software on their workstation. Or they might turn off the antivirus protection entirely. You can minimize these skill-based errors by reducing the control workers have over their workstations. You should have clear administrator privileges set up. This means people won’t be able to tamper with the antivirus software unless they work for the IT department.

Skill-based errors don’t necessarily happen because an employee is incompetent. These errors often occur because an employee is tired or distracted. This means you can reduce skill-based mistakes by making sure your workers are not fatigued or overworked.

This type of error can also occur when employees don’t have the correct training or if they’ve been dishonest about their level of experience. As an employer, you must always ensure your workers have the skills they need to do the job. If your employees’ IT skills are lacking, you should consider training seminars or training courses. Not only will this help protect your company against cyber-attacks, but it will also help your workers develop their skills and become better professionals.

 

Decision-Based Errors

Decision-based errors are another kind of error that could impact business protection. This is when an employee makes a decision that leads to a security issue. For example, someone might open a file that installs ransomware on the company network. Someone could also plug in a USB stick that was infected with a virus.

If you want to reduce decision-based errors in your workplace, you need to prevent people from making poor security decisions. This means your staff will need to understand security risks well. You can do this by having security seminars and a clear security policy in your employee handbook.

Another solution is to have systems in place that prevent risky behavior. For example, you might prevent people from being able to plug in USB sticks or open EXE files.

 

Misdelivery

Misdelivery is a form of human error where someone sends files, documents, or information to the wrong person. This can be a significant problem if your company deals with confidential data.  If misdelivery occurs, you’ll need to disclose the data breach to your customers, which could impact your company’s reputation and lead to less business in the future.

 

You can combat this by ensuring there are clear procedures for working with confidential information and ensuring you are compliant with security standards.

 

Password Problems

Another form of human error relates to passwords. Everyone knows that you need to have unique, strong passwords, but few people put this into practice. In fact, around 56% of people reuse the same password across multiple services.

When people do this with their work account, it introduces a problem. You can’t control what your workers do in their personal lives. If someone is using the same password at home and on their personal accounts, it’s a significant risk. If hackers get into their personal account using their password, it’s possible they will try the password across other services. This will enable hackers to breach your systems.

One of the best ways to deal with this is by having a good password policy. Having mandatory password changes every few months makes it much less likely that people will use the same passwords they use in their personal life.

Another potential solution is using multi-factor authentication. This is when you need both your password and a verification code to log on. When you input your password, a verification code is sent to a second device or service. For example, you might receive the code as a cell phone text message.

This is a great policy as it eliminates a lot of the risk of human error. Even if hackers have an employee’s password, they still can’t break in without the code.

 

Social Engineering

Another way hackers use human error to their advantage is through social engineering. Social engineering is when hackers use clever psychological tricks to manipulate people into compromising their security.

For example, someone might call an employee pretending to be the CEO. If the employee falls for this technique, it’s a serious human error. Social engineering is very prevalent because it exploits well-known weaknesses in human psychology. These attacks often convey a sense of critical urgency. If a situation feels urgent, people are much more likely to make a mistake and compromise on security.

In the last decade, most companies have stepped up their game in terms of cybersecurity. Most companies run robust firewalls and antivirus software, but none of this matters if a hacker uses social engineering techniques. Social engineering techniques are so prevalent in cybercrime that some statistics suggest hackers use social engineering in around 98% of attacks. The only way to protect your company is to make sure your employees understand how these attacks work.

The only real solution here is to have frequent security training. Your employees need to recognize social engineering and have someone they can report suspicious behavior to.

Human error is much more likely if people feel their reports won’t be taken seriously or if they’ll get in trouble for reporting a false positive. Creating a strong security culture in your organization is the best way to reduce human errors.

 

Take the Necessary Steps to Reduce Human Error

To conclude, you need to understand that some level of human error is inevitable. With that said, this article has shown there are many measures you can take to reduce the risk. You can have strong security policies, set up permissions systems, and create a strong security culture.

 

Of course, setting up strong cyber defenses is a very complex task. The world of cybersecurity is constantly changing, and it’s a full-time job in itself to monitor emerging threats.

With this in mind, working with a managed IT services company makes a lot of sense to help safeguard your company. If you want to work with such a company, contact us today and take the first steps in protecting against human error and securing your business.

Pegasus Spyware: The Zero-Click Spyware Infecting Smartphones

Pegasus Spyware: The Basics

Back in June, it was discovered that Pegasus Spyware, specifically developed to track criminals and terrorists, made its way to more than 50,000 phone numbers, some of which included heads of state governments, presidents, and prime ministers. Because this spyware was discovered on the devices of the world’s elite, everyday smartphone users are left wondering if this spyware is lurking within their devices and if it is, how they can detect it and remove it. Below, we’ll dive into Pegasus Spyware, helping you determine your risk and what you can do if you’ve been infected. 

Spyware is something that the world has known about since 1995, introduced as an interchangeable word to refer to adware and malware. It wasn’t until the turn of the century that spyware started to evolve, becoming one of the most dangerous threats on the web. In 2021, spyware has become a whole new beast, especially as the global use of electronics, specifically cell phones, is on the rise. 

 

What is Pegasus Spyware?

Pegasus is advanced spyware created by Israel’s renowned technology firm, NSO Group. Specifically designed to target smartphones, Pegasus doesn’t discriminate, creating a risk for all devices within the platform trifecta Android, iOS, and Blackberry.

Like other types of spyware, Pegasus is designed to gain access to devices. While other traditional spyware is mainly acquired via mobile vulnerabilities, Pegasus is installable on devices via apps like WhatsApp, leaving no traces behind. Other spyware usually requires the installation of a malicious app (primarily via jailbreaking and rooting) or the click of a malicious link that led to the installation of spyware on the device.

Pegasus is so powerful because it requires the user to do nothing, taking advantage of a known vulnerability in apps like iMessage. Once embedded into a device, Pegasus spyware can access all apps, including those with access to real-time details like cameras and microphones. It’s not easily detectable and can linger in devices long enough to collect sensitive information.

 

Who might be vulnerable to it?

According to statements from the NSO Group, the only entities with access to Pegasus software are “the military, law enforcement, and intelligence agencies from countries with good human rights records.” Though their intentions might be good, that didn’t keep some countries from restricting use, including the United States and France.

Those that may be more vulnerable are activists, journalists, businesspeople, known criminals, government leaders and anyone connected to them that is suspected of a crime. Currently, NSO Group is not releasing clients, so it’s unclear whether or not those that are vulnerable or targeted are regulated.

Because of these spyware discoveries, Pegasus spyware is starting to get a negative reputation across the globe, with many world leaders concerned with their privacy and national security. Apple is among the first platforms to sue NGO groups, though others are expected to follow suit. When notified about the lawsuit and the implications they were facing, NGO Group did not admit to any wrongdoing and claimed that their product nor procedure were not breaking any law. In fact, they pointed out their strong suit, claiming “authorities combat criminals and terrorists who take advantage of encryption technology to avoid detection.”

 

How does it infiltrate a phone?

Pegasus spyware is more sophisticated than other types of spyware, able to infect devices without user interaction. Pegasus works by targeting zero-day vulnerabilities, which are vulnerabilities that cybersecurity experts are not yet familiar with. The attack is considered zero-click and typically infects smartphones with vulnerable apps.

Recently, Apple discovered that the spyware was targeting iOS messenger because of a vulnerability not yet patched. Because there is no user involvement required and no noticeable changes to infected devices, it can be difficult to detect. At the moment, there doesn’t seem to be a tool to directly detect Pegasus spyware, though there are ways to understand risk.

Assessment of risk is perhaps the most aggressive measure against Pegasus spyware, though users can do other things to detect its presence on their device.

 

How can someone detect Pegasus Spyware?

There is some good news for those who have a smartphone and are worried about the presence of spyware. Though 50,000 numbers have been listed as infected, it is not just an ordinary list of people. Those 50,000 were linked to several government officials, political activists, journalists, and those involved in their country’s politics.

That means that most smartphone users are excluded, though that doesn’t make most feel at ease. Spyware of any kind can infect devices, which is why it’s helpful to know how to detect it. Due to Pegasus spyware’s sophistication, it’s not detectable with just any antivirus, leaving users to seek other detection methods.

One popular method of detection that works on all devices is Amnesty International Mobile Verification Toolkit.

This toolkit is compatible with Linux and macOS, searching the device for unknown items that could represent a malware infection. Because news of this spyware is novel, it’s not yet set up to work 100%. While it will not detect Pegasus spyware directly, it alerts smartphone users of “indicators of compromise,” showing an infection on the device. 

Though Amnesty International’s toolkit seems promising, cybercriminals are always trying to stay one step ahead in their methods of defeat. Word of a recent campaign to trick users looking for a way to protect their devices hit newsstands in early October, with a group of cybercriminals disguising themselves as Amnesty International. For those looking for a way to detect Pegasus spyware on their device, Amnesty International is a safe bet. However, they should only inquire about information from the actual website and avoid clicking any unknown third-party links.

An additional option for iOS users that shows promise for detecting Pegasus spyware is Apple’s very own iMazing. This optional scan was created to scan devices to provide evidence of spyware. Installing it on devices is simple and comes with a guided process that takes about 30 minutes. iMazing will scan each app on the device and check for malicious content, creating a detailed report that users can access to find out whether or not they have items on their device that require attention. 

 

How can it affect security?

Spyware is different from other types of attacks in that it turns the cell phone into a surveillance device. The longer that spyware is left on a device, the more information it can gather and the more harm it can potentially cause. A few of the most common security implications due to Pegasus software include copying and sending private messages, recording phone calls, and collecting photos both taken on the device and received from messages and apps.

Pegasus can even gain access to users’ microphones and cameras, spying on users without their knowledge. Because of this powerful ability, users with Pegasus spyware installed on their device could have someone monitoring their phone calls and starting the device’s camera without their knowledge, falling victim to severe implications if any wrongdoing is suspected.

For most smartphone users, access to such information will not be lead to criminal action, though it could cause issues with loved ones or professionally. However, because Pegasus targets criminals, world leaders, and other important figures across the globe, some captured information could lead to further investigations.

Apart from the ability to monitor those who might cause harm, Pegasus spyware could create danger if the information is passed into the wrong hands. National and international security could be in harm’s way, and other sensitive details could result in increased criminal activity. Companies too could face implications if collected information falls into the wrong hands, with others able to predict their next move.

Because of these serious security implications that companies are taking action, including global giants like Amazon. They, like others, are making moves to restrict and even shut down services linked to Pegasus spyware. Though companies are taking action on their own, cybersecurity experts are closely monitoring for increased malicious activity and attempting to stop further infections of Pegasus spyware until proper regulations can be put in place.

 

Can Pegasus Spyware be removed from a device?

Because this spyware is new, sophisticated, and not very well understood, there is not currently a removal solution. These zero-day vulnerabilities created with help from knowledgeable cybercriminals are very difficult to patch until developers find a solution to mitigate them. Even though it’s not removable at the moment, there are some ways that those who are at risk for Pegasus spyware (and any other spyware) can protect themselves.

One of the most effective defenses is active and frequent monitoring of devices, including regular scans to detect suspicious activity. The more active users are running scans and monitoring all activity, the better they will be at detecting spyware and stopping it before it can infect devices and escape without being noticed. In addition to a plan to scan and monitor, users can take other precautions, a few of which we’ll mention below.

 

Securing your Device

Since smartphones are targeted by Pegasus spyware, users should first secure their devices. There are several ways that users can do this, including keeping their devices updated with the latest version, updating all apps when necessary, and getting on a monitoring and scanning schedule.

Frequent monitoring is recommended, with regular users running scans at least once a week. This should ensure that there is no new suspicious activity or installations that could indicate a security breach.

 

Securing your Data

In addition to protecting devices, it is recommended that companies protect their data. Data is one of the most valuable targets online, with data breaches reaching all-time highs in 2020 and expected to continue to increase in 2021 and 2022. Smartphone users are encouraged to protect their data by managing their permissions in all apps (especially those with access to sensitive details) and ensuring that all passwords are up to date and secure.

Mobile phones often ask for permissions to access apps and other connected devices, which could lead to an additional vulnerability. If there is sensitive information on any device connected to a smartphone, users are encouraged to avoid permitting access to prevent further complications and risks.

 

Securing your Network

It’s not just about securing mobile devices but also the network to which they are connected. In 2021, most areas feature free wi-fi, though users don’t always consider risks. Public network attacks are on the rise as more and more smartphone users demand access to wi-fi on the go.

There are several ways users can protect themselves and their network, including utilizing advanced security suits that protect each layer. Frequent monitoring of networks and scanning for unknown connections and devices is one place to start, helping users identify understand if something needs their attention.

It’s not just necessary to protect from known attacks but also to have the capability to protect and prevent zero-day attacks too. These days, users are encouraged to use antivirus and other security tools that can help isolate and patch attacks with help from automation.

 

Pegasus spyware protection

Because Pegasus spyware is linked to two apps, it’s recommended that users take steps to disable each of them if possible. The two most common attacks have been with WhatsApp and iMessage, both of which can be disabled by users.

Pegasus is different than other spyware and can infect systems without user interaction, so at this time, there is not a specific fix. For now, it’s recommended to keep internet access secure, limit others’ access to devices, get on a scanning schedule to check for vulnerabilities, stay up to date on the latest iPhone and Android news, and update when necessary to prevent access.

Are you concerned about the cybersecurity of your company? Edge Networks can help! If you’d like to find out how your company is performing and isolate weaknesses in your cyber defenses, schedule a call with us .