The accounts of tens of millions of Anthem members are stolen. $1 billion are stolen from banks. Sony Pictures is compromised. The Chinese steal US military aircraft plans. The President of the United States decries the losses and appoints someone to fix the problem. Yet, what is the problem? Professor Arun Vishwanath, writing in The Conversation tells us that the system resource being exploited over and over and over again isn’t some router or disk drive or program — it is you, the person operating the machine.
It’s You!
In Before decrying the latest cyberbreach, consider your own cyberhygiene, the Professor explains how the bad guys exploit users to gain access to systems:
Many of these hacking attacks employ simple phishing schemes, such as an e-card on Valentine’s Day or a notice from the IRS about your tax refund. They look innocuous but when clicked, they open virtual back doors into our organizations.
It is you and I who click on these links and become the “unintentional insiders” giving the hackers access and helping spread the infection.
The professor points out that everyone must act to defend their own systems.
First, pay more attention to the email processing task. Is that really the bank’s email address?
Second, don’t process email as a matter of rote habit. For example, casually processing email on a cell phone is a habit that undermines paying attention to the details of emails.
Third, appreciate the risks of online activity. The first and second points are the result of failing to appreciate the risks involved in processing email.
Professor Vishwanath compares this to crime prevention in the real world. If people are looking out for suspicious activities, they can report what they see to the authorities.
Helping spot evil email is our mission at Iconix with Truemark for consumers and SP Guard for enterprises.