More than 90% of cyber attacks are possible due to human error

More than 90% of cyber attacks are possible due to human error

More than 90% of cyberattacks are possible due to human error, according to K-riptography and Information Security for Open Networks.

The data is clear, he says, with cyberattacks on the rise in recent years and the cybersecurity situation becoming more complex.

According to the latest report from ENISA, the European Union Cybersecurity Agency, attacks increased in 2020 and 2021, not only in terms of vectors and number, but also in terms of impact. And according to McAfee, ransomware-type attacks (attacks that demand a ransom in exchange for detaining or releasing the hijacked information) are the most common.

“Over the last two years, not only have we had a health pandemic, but there has been a true pandemic of cyberattacks and cybercrime,” says David Megas, leader of the K-riptography and Information Security for Open Networks research group ( KISON). .

“Cybercriminals have taken advantage of the pandemic in many ways. Also, with the rise of telecommuting, cybercriminals have had easier access to computers that were not as well-protected as corporate computers,” he notes.

“And, without a doubt, the most common form of attack during these two years was ransomware, affecting institutions of all kinds: banks, energy companies, telecommunications companies, universities and public services.”

Helena Rif, a researcher at the KISON group, says: “Cybersecurity is not just a technical discipline; it encompasses many fields of knowledge and affects many different departments and practices in companies.

“That being the case, the great challenges in the field of cybersecurity are not only technical but transcend the borders of technology,” he says.

According to the UOC experts, the main challenges are:

1. Awareness, the first line of defense

More than 90% of cyberattacks are possible, to a greater or lesser extent, due to human error, according to data from IBM. Therefore, despite technological advances to minimize threats, the first great line of defense is user awareness and good practices.

“Many of the cybersecurity problems that companies face arise as a result of well-known vulnerabilities. If we all did our homework better, it would be easier to reduce online threats. We all use electronic devices and we all have to put in place a minimum of cybersecurity” says Rif.

2. A new generation of hybrid threats

Cyber-physical systems are increasingly present in our daily lives, from industrial control systems and energy infrastructures to home automation. The technological revolution that they are promoting, which has generated multiple business opportunities, carries its own threats, combining complex technological and human aspects.

3. And more sophisticated defense tools

In the face of increasing threat complexity, artificial intelligence (AI) and machine learning are becoming increasingly important as protection tools.

“The biggest scientific challenge today is trying to get ahead of increasingly sophisticated threats,” adds Rif.

“AI is increasingly being used both to quickly identify attacks and vulnerabilities and to resolve them.”

4. Towards sustainable cybersecurity

Megas says that we are all responsible for managing and protecting the resources around us for future generations. The basic definition of sustainability is also relevant in the field of cybersecurity.

“In this sense, sustainability is understood as the mechanisms that allow the interactions of the stakeholders (users, service providers and device manufacturers) with the technological ecosystem to be deliberate and with full knowledge of their consequences on the security and stability of the system. ”. he says.

The Internet of Things is driving an unprecedented increase in the number of devices sharing sensitive user data and information. Furthermore, 5G and other telecommunications technologies allow broadband connectivity for an almost unlimited number of devices, multiplying the internet infrastructure.

“As a result, the technology infrastructure is becoming unsustainable due to various malicious threats and unintentional errors. It is imperative to achieve a more sustainable ICT infrastructure by providing solutions that are secure and guarantee privacy”, he says.

5. The great battle of privacy

Cyber-attacks are not the only way users’ personal data can be compromised. On many occasions, the data is exposed by the very architecture of the platforms or by the ignorance of Internet users.

“There are still many problems that technology must solve to better protect data, such as being able to send only the information that is accurate for each purpose, better anonymizing databases, and ensuring the privacy of all data stored on the web,” he says. Ref. .

“At a social level, we also have to provide usability methodologies so that people know how to act on social networks and the Internet in general, what can be shared and what cannot,” he says.

“In the end, the big challenge is to make data privacy and security compatible so that the technology is usable and we can work comfortably with it while protecting our systems and data.”

Leave a Comment