More than 90% of cyber attacks made possible by human error

60

More than 90% of cyber attacks are made possible by human error, according to K-cryptography and information security for open networks.

The data is clear, it is said, given that cyber attacks have been on the rise in recent years and that the situation regarding cyber security is becoming increasingly complex.

According to the latest report from ENISA, the European Union’s Cyber ​​Security Agency, attacks increased in 2020 and 2021, not only in terms of vectors and numbers, but also in terms of their impact. And according to McAfee, ransomware-like attacks (ransom-seeking attacks in exchange for stopping or publishing stolen information) are the most common.

“Over the past two years, we have not only had a health pandemic, but a real pandemic of cyber attacks and cybercrime,” said David Megas, leader of the Open Networks Research Group (KISON). .

“Cybercriminals took advantage of the pandemic in many ways. In addition, with the increase in telecommuting, cybercriminals had easier access to computers that were not as well protected as those in companies,” he says.

“And, without a doubt, the most common form of attack during these two years was ransomware, which affected institutions of all kinds: banks, energy suppliers, telecommunications companies, universities and public services.”

Helena Reef, a researcher in the KISON group, says: “Cybersecurity is not just a technical discipline; it encompasses many fields of knowledge and affects many different departments and practices in companies.

“Given this, the great challenges in the field of cyber security are not only technical, but go beyond the boundaries of technology,” she said.

According to UOC experts, the main challenges include:

1. Awareness raising, first line of defense

More than 90% of cyber attacks are made possible, to a greater or lesser extent, by human error, according to IBM. Therefore, despite technological advances to minimize threats, the first major line of defense is user awareness and good practice.

“Many cybersecurity issues facing companies arise as a result of well-known vulnerabilities. If we all did our homework better, it would be easier to reduce online threats. We all use electronic devices and we all have to set a minimum of cyber security,” Rif said.

2. A new generation of hybrid threats

Cyber-physical systems are increasingly present in our daily lives, from industrial control systems and energy infrastructure to home automation. The technological revolution they nurture, which has created multiple business opportunities, carries its own threats, combining complex technological and human aspects.

3. And more sophisticated defensive tools

Faced with the increasing complexity of threats, artificial intelligence (AI) and machine learning are becoming increasingly important as protective tools.

“The biggest scientific challenge today is trying to stay ahead of increasingly sophisticated threats,” Reef added.

“AI is increasingly being used both to quickly identify attacks and vulnerabilities and to address them.”

4. Towards sustainable cyber security

Megas says we are all responsible for managing and protecting the resources in our environment for future generations. The basic definition of sustainability is also relevant in the field of cyber security.

“In this sense, sustainability is understood as mechanisms that enable stakeholder interaction (users, service providers and device manufacturers) with the technology ecosystem to be intentional and with full knowledge of their implications for system security and stability,” he says.

The Internet of Things creates an unprecedented increase in the number of devices that share sensitive data and user information. In addition, 5G and other telecommunications technologies provide broadband connectivity for an almost unlimited number of devices, multiplying the Internet infrastructure.

“As a result, technology infrastructure is becoming unsustainable due to various malicious threats and unintentional errors. It is imperative to achieve a more sustainable ICT infrastructure by providing secure solutions and ensuring privacy,” he says.

5. The great battle for privacy

Cyber ​​attacks are not the only way users’ personal information can be compromised. In many cases, the data is revealed by the architecture of the platforms themselves or the ignorance of internet users.

“There are still many issues that technology needs to address to better protect data, such as the ability to send only accurate information for any purpose, better anonymization of databases, and ensuring privacy for all data stored on the web,” Rif says.

“At the societal level, we also need to provide usability methodologies so that people know how to act on social media and the internet in general, what can be shared and what can’t,” she says.

“Ultimately, the big challenge is to make data security and privacy compatible so that the technology can be used and we can work comfortably with it while protecting our systems and data.”

Comments are closed.