Human Error Remains the Main Challenge for Cyber-Security Worldwide
By MYBRANDBOOK
GISEC has witnessed the world’s leading cyber security experts gathered at Dubai World Trade Centre for three days starting from 1-3 April was a co-located event to IoTX and Future Blockchain Summit has witness more than 200 talks, briefing sessions and live hacking demos that were given by the world’s foremost cyber security experts and business leaders, one reoccurring theme stood out: human error remains one of the largest obstacles to cyber security.
As GISEC – the largest cyber security event in the Middle East, Africa and South Asia – draws to a close, leading experts have warned that human error continues to play a significant role in cyber security and online crime, requiring a strategic approach to educate users and employees to prevent companies and individuals from falling victim to cyber-crime.
Jamie Woodruff live hacks a nuclear power-plant, credit cards and car keys
Jamie Woodruff, the Ethical Hacker who famously hacked Kim Kardashian, Google, Microsoft, Facebook and Twitter – and who headlined GISEC’s first-ever Dark Stage – not only shone a light on the many hidden ways businesses may be susceptible to hackers, but re-emphasised how humans are so often at the heart of both on and offline crime.
“People are much more susceptible through social engineering to attacks than they are in person”, he said. “Vulnerabilities of businesses exist a lot of the time through their employees, and social engineering allows us to observe and learn their patterns, allowing entry into the company” – a technique that can have dire consequences for the company, he maintains.
Providing an apt example, one of Woodruffs anecdotes included one of his ethical hacking projects in which he gained access to the server rooms of a London-based banking institution. To do so, the expert hacker had to intercept phone conversations and CCTV cameras. Observing the bank and its employees for a whole month, he gained entry by dressing up as a pizza delivery driver. With unrestricted access to the IT infrastructure, said Woodruff, the consequences for the bank and its customers could have been disastrous.
At the climax to his seminar, Woodruff left his audience in disbelieve as he live-hacked the CCTV camera of a nuclear plant. He also obtained the two-year payment history of ten volunteers that took to the stage with their contactless credit cards – data he compromised within seconds – and showed how children toys, car keys and smart watches are all open to attack.
Experts agree that the human factor remains a key obstacle for cyber security
Re-emphasising Woodruff’s point on human error, Ankush Johar, Investor at HumanFirewall and a cyber-security authority, used his appearance at GISEC to highlight how many types of attacks occur in the world. He said: “There are over 20,000 types of attacks. Given those large numbers, training employees to successfully identify those remains a huge challenge and leaves us prone to human error. One of the keys is to alter the psychology of employees and make them suspicious by nature.”
Earlier in the week, US-hacker Kevin Mitnick – who landed himself on the FBI’s Most Wanted list after hacking more than 40 major corporations and now is a trusted security consultant to Fortune 500 companies and governments worldwide – warned on the same topic that “when teaching staff about security, companies need something relevant, entertaining and informative – not a boring book that they won’t read.”
He added: “You need to educate, train and inoculate your users. The hacker is always going to go after the weakest link, and social engineering is the easiest way in and easiest attack your enemies will use today.”
Emile Abou Saleh, Regional Director, Middle East & Africa at Proofpoint – who showcased their people-centric solutions at GISEC - said, “As cyber-criminals take advantage of the human factor to execute their campaigns, companies need to ensure they deploy effective security awareness training to educate employees for best-practices, as well as establish a people-centric strategy to defend against threat actors’ unwavering focus on compromising end-users.”
Nazara and ONDC set to transform in-game monetization with ‘
Nazara Technologies has teamed up with the Open Network for Digital Comme...
Jio Platforms and NICSI to offer cloud services to government
In a collaborative initiative, the National Informatics Centre Services In...
BSNL awards ₹5,000 Cr Project to RVNL-Led Consortium
A syndicate led by Rail Vikas Nigam Limited (abbreviated as RVNL), along wi...
Pinterest tracks users without consent, alleges complaint
A recent complaint alleges that Pinterest, the popular image-sharing platf...
STERLITE TECHNOLOGIES LTD.
INFOSYS TECHNOLOGIES PVT. LTD.
POLYCAB INDIA PVT. LTD
DATA SAFEGUARD INDIA PRIVATE LIMITED
Icons Of India : Arjun Malhotra
Arjun Malhotra, the Chairman of Magic Software Inc., is widely recogni...
Icons Of India : Girish Mathrubootham
Girish Mathrubootham is the Founder of Freshworks (previously known ...
ICONS OF INDIA : RISHAD PREMJI
Rishad Premji is Executive Chairman of Wipro Limited, a $11.3 billion ...
C-DAC - Centre for Development of Advanced Computing
C-DAC is uniquely positioned in the field of advanced computing...
GeM - Government e Marketplace
GeM is to facilitate the procurement of goods and services by various ...
NPCI - National Payments Corporation of India
NPCI is an umbrella organization for operating retail payments and set...
Indian Tech Talent Excelling The Tech World - REVATHI ADVAITHI, CEO- Flex
Revathi Advaithi, the CEO of Flex, is a dynamic leader driving growth ...
Indian Tech Talent Excelling The Tech World - AJAY BANGA, President - World Bank
Ajay Banga is an Indian-born American business executive who currently...
Indian Tech Talent Excelling The Tech World - Shantanu Narayen, CEO- Adobe Systems Incorporated
Shantanu Narayen, CEO of Adobe Systems Incorporated, is renowned for h...