Today, Blue Coat Systems, Inc., which was recently acquired by the global cyber-security leader Symantec, made public the results of an online study. The study has been conducted by YouGov and included 3,130 employees from different sectors in France, The UK and Germany.
The results clearly show that organizations are still at risk of numerous cyber-attacks posed by social media. However, the worse news is that the ones allowing (not to say helping) crooks to launch their malicious attacks are no others but employees themselves.
Even though social media apps are extremely popular both in- and outside the office environment, the study shows that the majority of workers still don’t know how to properly protect themselves.
According to the survey, things in 2016 not only haven`t improved when it comes to users behavior but is some cases they have actually worsened. While a progress has been noticed in some areas, in others, hackers not only aren`t being stopped but, on the contrary, they are being given opportunities to exploit.
Key findings amongst social media users include:
In 2016, only 42% of respondents said they accept requests only from people they know, compared to 43% in 2015
Only 40% of 2016 respondents set privacy settings to their profiles, same as 2015
Only 41% of this year`s respondents said they always check identities before connecting with strangers, a small rise compared to the 38% in 2015
The study also reveals that all generations pose a security risk.
In 2016, employees from ages 18 to 24 are less likely to set up privacy settings (49% compared to 60% last year). The same goes for identity checking – 53% in 2016 and 57% for 2015. Millennials also have the worst password behavior as 14% used the same pass for every app, in 2015 it was 8%.
Workers within the 45-54 year have improved in 2016, as 37% always check the identities of people before connecting, compared 32% last year. Those in the age of 55 and over have also improved with 40% of them always checking identities, compared to 30% in 2015.
However, employees from ages 18 to 24 are still considered more discerning than workers over 45, which, as a group, tend to be less vigilant.
When put in different job areas, the study reveal that all sectors (HR, Finance, Healthcare, Sales) pose a security risk, including the IT, even though they should know better.
“This research highlights the risks organizations are exposed to due to the behavior of their employees on social media and messaging applications.” – said Robert Arandjelovic, the director of Blue Coat product marketing in EMEA for Symantec – “Social engineering remains a common tactic for threat actors to gain access to business networks, in part due to many employees leaving security holes through poor social media practices. This makes it easier to have an account compromised, and for attackers to move laterally to more sensitive business applications that contain critical data. Social engineers hack people, not computers, so it’s important to ensure humans aren’t the weakest link in cyber security.”