Cybersecurity is a people problem

When a cybersecurity incident happens at a major company, it’s not a technology problem.

People are the ones who open the door and let the intruders inside. People are the ones who forget to do basic tasks, allowing crimes of opportunity.

The most recent example making national headlines was the cybersecurity breach at MGM Resorts on Sept. 11. The breach locked down most of MGM Resorts' computer systems, including hotel room keys, for 10 days.

Initial reports indicated that the hacking group found an employee on LinkedIn to impersonate. The group called the MGM Resorts IT help desk and was able to obtain passwords to access the systems. This is a type of social engineering attack.

MGM didn’t have solid ID requirements in place to verify someone was an employee. You shouldn’t be able to get a password just off public information from LinkedIn.


Impersonations can be difficult to identify. There is usually a sense of urgency behind the call or message that the target receives.

A couple of years ago I met people with a company that does in-person social engineering. The contracted security company will dress up in the uniform of a company like Verizon or Comcast. They show up unannounced to the staff and see what sensitive areas of the business they can gain access to. They usually get let in.

The best impersonation/phishing attempt I’ve seen involved I and l. The first is the capital letter I. The second is the lowercase letter L. You can’t tell the difference.

Someone had copied an entire email signature block and registered a domain name swapping the letters. It was discovered because the requests the account was making were unusual: asking for money and gift cards.
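The I-for-l domain swap described above can be caught mechanically. The following is an added example, not code from the column: it folds visually confusable characters in a sender's domain to a common skeleton and flags any domain that matches a trusted one only after folding. The clinic and vendor domains are constructed for the example.

```python
import re

# Folds applied after lower-casing: each confusable set collapses to one
# bucket character, so capital I swapped for lowercase l (the column's
# example), digit 1 for l, or digit 0 for o all give the same skeleton.
# Constructed sample table, not an exhaustive confusables list.
SINGLE_FOLDS = str.maketrans({"i": "l", "1": "l", "|": "l", "0": "o"})
PAIR_FOLDS = (("rn", "m"), ("vv", "w"))  # multi-character look-alikes


def skeleton(domain: str) -> str:
    """Return a visual skeleton of a domain for confusable comparison."""
    text = domain.strip().rstrip(".").lower()  # DNS names are case-insensitive
    for pair, single in PAIR_FOLDS:
        text = text.replace(pair, single)
    return text.translate(SINGLE_FOLDS)


def sender_domain(address: str) -> str:
    """Extract the domain from 'Name <user@host>' or a bare 'user@host'."""
    match = re.search(r"@([A-Za-z0-9.\-]+)", address)
    return match.group(1).lower() if match else ""


def classify_sender(address: str, trusted_domains) -> str:
    """Return 'trusted', 'lookalike' (same skeleton as a trusted domain
    but not on the list, i.e. the I-for-l swap) or 'unknown'."""
    domain = sender_domain(address)
    if not domain:
        return "unknown"
    trusted = {t.lower() for t in trusted_domains}
    if domain in trusted:
        return "trusted"
    if skeleton(domain) in {skeleton(t) for t in trusted}:
        return "lookalike"
    return "unknown"


if __name__ == "__main__":
    # Constructed sample headers; the domains are invented for this example.
    trusted = ["lakeside-clinic.com"]
    samples = [
        "Dr. Pat Lee <plee@lakeside-clinic.com>",
        "Dr. Pat Lee <plee@Iakeside-clinic.com>",  # capital I for lowercase l
        "Dr. Pat Lee <plee@1akeside-clinic.com>",  # digit 1 for lowercase l
        "billing@example-vendor.net",
    ]
    for sample in samples:
        print(f"{classify_sender(sample, trusted):9s} {sample}")
```

A "lookalike" result is a signal for review, not proof of fraud; pair it with the behavioural cue the column mentions, such as unusual requests for money or gift cards.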

Other examples of people-caused cyber issues are not hard to identify.

The Chinese military-backed Equifax breach in 2017 is an example. The Equifax technical team was not keeping up with the patches on its servers. Patches are free.

The hackers used an already-known vulnerability to gain access. This was the largest known theft of personally identifiable information (PII) ever carried out.

In 2018, another casino was hacked through its internet-connected aquarium thermometer. This incident involved two different people problems. The technical team created the first: the thermometer was connected to the same part of the network as the core servers. Internet of Things (IoT) devices should be segmented into their own small piece of the network, isolated from other computer devices.

The second people problem is that IoT devices are notoriously insecure. The manufacturers do not have a secure-by-design mentality; the devices are built cheaply and as simply as possible.

Every time you add another device to your Wi-Fi, you add another entry point for a would-be hacker.

Another problem that is easy to solve: stop using software and devices that the manufacturer no longer supports.

Hospitals around the world have been subjected to ransomware attacks simply because they were using old technology. Certain hospitals were found to be running Windows XP years after support had ended. These attacks left patient records stolen or inaccessible.

Your budgets must account for the lifecycle of the hardware and software you use. If the manufacturer stops supporting it, you must upgrade.

In 2021, there was a medical data leak incident affecting my mom. My mom was asking for records to be transferred from one hospital to another. She got a copy of her records and a copy of someone else’s record. Somehow another patient at the hospital had their medical records attached to my mom’s records.

Neither one of the hospitals caught the data leak. My mom did. I was her first phone call.

My mom contacted the other patient. The other patient is married to a doctor. The doctor wasn’t happy. Both hospitals blamed each other.

How many times has that happened before?

Many cybersecurity breaches that you read about in the news could have been avoided or minimized. All it would take is for people to have the right processes in place, replace old software, or just slow down.

You can be targeted by a hacker. But usually, someone opened the door for them.

Don’t be in a rush to click that link just because it was sent to you. Don’t be in a rush to give up passwords and codes just because someone called you in what seemed like a panic.

Don’t be the next company that has to contact its customers because you let a hacker in. Review your tech and your procedures now.

Windows 10 is set to end support on Oct. 14, 2025. Start planning now.

John Barker of Stafford County is a 25-year technology and cybersecurity consultant with a weekly newsletter Titan of Tech. He also serves on Stafford County Schools’ Technology Advisory Committee.
