Are you still making these cyber security mistakes?

The lack of a major cyber security event is seen as one of the reasons for the indifference towards cyber security in many organisations. That event took place recently, with the WannaCry ransomware affecting organisations in over 150 countries. While basic cyber hygiene could prevent similar attacks, many individuals and organisations are still making the same old security mistakes.

Here’s a look at some of these mistakes highlighted by researchers from ESET, a cyber security firm, and what you can do to avoid them.

Too trusting of emails
Social engineering tactics are as old as the day is long, yet people keep falling for them. Today, phishing via email has become commonplace. Although criminals are improving the ‘quality’ of these emails, with some targeted emails looking incredibly authentic, most do not.

Keep yourself safe by carefully checking the recipient and the request, and by using some common sense. Also, be cautious of attachments, as they may be malware-infected. It’s important to check file extensions and to only open files deemed safe and from legitimate sources.

It won’t happen to me
Culture is arguably the biggest issue with security right now, and this has been the case for 20 years. CEOs think they won’t be targeted and citizens think much the same.

This complacency is misguided, and often results in poor security habits, with individuals and organisations not treating password and Wi-Fi security, for example, as seriously as they should.

This is despite the fact that good cyber security can be achieved easily, through good password hygiene, regular software updates, anti-virus and even password managers, VPNs and secure encrypted messaging apps.

Simple passwords
Generic, guessable passwords can be easily cracked, opening a can of worms if the same password is used across several accounts. Brute-forcing passwords is increasingly fast and easy for criminals today, who are equipped either with huge computing power or with access to buy such expertise on the dark web.

Weak passwords, such as 123456, password, 12345678 and qwerty, remain commonplace, with many people failing to see how these ‘low-hanging fruit’ are an entry point for cyber criminals. According to Forrester, 80% of all attacks involve a weak or stolen password.

Dismissing software updates
Whether on desktop, laptop or mobile, there’s always another software update for our apps, operating systems or cyber security software. Interestingly, the constant pop-ups irritate us, with many people failing to understand just how important they are.

If we fail to update, we’re effectively leaving our software and devices vulnerable to attack, as cyber criminals look to exploit flaws in out-of-date software. Had the organisations affected by WannaCry properly configured automatic operating system updates, they might not have been featured on the victim list.


1 comment


I am still amazed at the lack of concern with security in a lot of places and by most home users in general. I still have to fix the PCs of friends and family because of a virus. Most are from bad emails they open thinking they won a gift card from a store or dining establishment they may shop/dine at, or that they have a package that is undeliverable. The other is from certain sites they go to for games and such... Those seem to hijack their system. The last thing I see is they have disabled the automatic updates from Microsoft. That is how these things like WannaCry spread. There is a fix, you chose not to have it update automatically, so you infect others. Most of the time I just remove everything and in a few months they call again with more issues. I tell them with this kind of behavior they should back up their computers or risk losing everything. I still know some have not done this. I know someone hit with ransomware who lost a lot of photos and such. Would I pay the ransom? No. I back up every time I load new photos from my camera to my laptop or work on my game projects so I don't lose hours of work... I just wish people would listen.