Disgruntled employees targeted by hackers

Cyber ​​experts point out the business risks posed to businesses by disgruntled or disgruntled employees targeted by attackers as a means to breach computer systems.

They also warn that despite the sophistication of cyber attacks, the bulk of threats to organizations still come from emails and people clicking on malicious links.

Speaking at an event hosted by it @ cork – a non-profit tech organization representing more than 200 businesses in the South West – cyber professionals urged businesses and organizations to invest in cybersecurity personnel and for owners to take responsibility for cybersecurity as well.

Dave McCormack, senior engineer at McAfee Enterprise, said there was a need for companies to educate employees about sharing the kind of information some do on their social media accounts.

He said this included the level of business detail that people could include in their Linkedln accounts.

Mr McCormack said if employees shared on their Facebook accounts that they were “unhappy” at work, it would be quite easy for potential cyber attackers to identify them and exploit that in their attack.

Andy Grzess, CTO at Smarttech247, highlighted the risks to businesses posed by disgruntled, disgruntled, overworked or stressed employees who might be doing “something stupid.”

Separately, the United States’ National Cyber ​​Security Center released a public message in recent days urging those leaving or entering government service to take new approaches through social media, saying foreign spies often use fake social media profiles to connect with those who had the information they wanted.

Mr McCormack said that if people look at the initial way organizations are attacked, it is mostly “always email”.

He said: “It’s like arousing suspicion in the eyes of employees when they receive an email – is it legitimate, is it really from my boss – he’s on vacation in Spain and using his email. personal email to send me this message or is it not? ”

He said there are nuances of uncertainty when it comes to detecting possible malicious attacks, that there is a “need” for humans in the loop.

“You need to have security professionals in organizations, people who understand what they are watching,” he said.

“The idea that people just install a security product from a regular vendor on your machines and be safe – unfortunately that is not true and something businesses need to understand and plan for.”

Previous Steps to take if DraftKings, other sportsbook cannot locate you
Next Microsoft Researchers: We trained AI to find software bugs using hide and seek