New research by Kaspersky Lab shows that in the last 12 months every fourth Internet user had at least one of their online accounts hacked. This led to unauthorized messages being sent out in the users’s name (apparently not to wish anyone happy birthday), and the loss or theft of personal data.
Why businesses should bother?
The study was of users – i.e. consumers – only. However, these users are employees and employers, so every single personal account hack has the potential to grow into a full-scale cyberattack against a business.
Security of a company infrastructure directly depends on the level of its users’ cyber-awareness. In general, there is room for improvement.
25% of users get hacked during the last 12 months; why should businesses bother? #protectmybizTweet
In addition to the number whose own accounts had been hacked, a third (32%) of respondents know of someone whose account had been hacked. The kind of accounts targeted by hackers include email (11%), social media networks (11%), and online banking or shopping accounts (7%). And we have mentioned multiple times that users tend to expect the banks to recover their customers’ losses in case of fraud.
Overall, businesses have a reason to worry about consumers’ cyber-awareness as those consumers bring their habits to their workplaces, and thus put at risk the entire infrastructure. In fact, the considerable part of cyberattacks today are targeting people, first and foremost (phishing letters or spoofed messages in social networks with malicious links, etc.).
Not good enough
According to another survey, 38% of users take labor to use strong passwords for every account. That’s not nearly good enough, of course, but the number is encouragingly considerable.
In 2013, 47% of respondents admitted that they had fewer unique passwords than accounts on different resources, while 63% of respondents admitted that their passwords were generally easy to guess (thus 37% considered their passwords strong enough to prevent guessing).
Consumers’ troubles affect businesses too #protectmybizTweet
What does it mean for businesses?
Weak passwords and the previously mentioned susceptibility to phishing require a proper information security policy, first and foremost. A typical user’s cybersavviness isn’t good enough, and this does affect businesses of any size. Smaller businesses, however, are more likely to be at risk, given that not each of them can afford a dedicated IT worker. But the risks can be decreased by using the proper technical means and education of phishing threats and the ways to ward off the attacks.
For smaller businesses, Kaspersky Lab offers Kaspersky Small Office Security equipped with a powerful Password Manager feature, which allows you to generate strong passwords automatically for every web-site or apps users visit and fill them in on PCs and Macs; the user only has to memorize a single master password.
There is also an antiphishing module protecting the users from fraudulent activities and websites trying to steal personal data and payment credentials.
More information on Kaspersky Small Office Security visit this link.