Jijish Gopi is a cyber security professional with 15 years of experience in the industry. He started his career as a security engineer at a reputed company in India in 2007 and later moved to the UAE in 2010. He has worked in the Middle East region for the last 12 years, serving in various roles associated with many government and semi-government organizations in the region. He has worked on numerous major projects in the UAE as a consultant, designer, and implementer of various cyber security solutions. He was named one of the top 50 cyber security professionals in 2022 by CIO 50 Middle East magazine, winner of the best IT strategist award by CXO Middle East magazine in 2022, and winner of the best transformed team award for his cyber security team by GovDX Middle East in 2022.
In the recent past, we have all seen drastic spikes in cyber-attacks and breaches at major companies across the globe, including many technology giants. The types and frequencies of cyberattacks have changed, particularly since the pandemic, as a result of the expanded attack surfaces caused by organizations’ decentralized perimeters. Users have an equal role in securing endpoints and the data that flows through them.
During and after the pandemic, when organizations started allowing users to connect from anywhere and at any time, the criticality of ensuring endpoint-based security reached the highest level. Furthermore, the importance of making users aware of the hygienic use of endpoints has grown. When we look at recent breaches around the world, we can see that security technology providers are being targeted by adversaries. But if you analyze the causes of those breaches, you will end up in the same bucket, which is user awareness. While these technology behemoths invest in and implement the best security controls across their organizations, end users are still the weak link, providing hackers with an easy point of entry. Here, I’d like to discuss some of the major surfaces that are exposed because of user awareness problems and that eventually lead to organizational breaches, resulting in financial and reputational losses.
1# Social Media Activities
Every person has their social life exposed to the world nowadays through social media pages, either through entertainment-oriented social network sites or through professional social networks. These social media sites have become an essential part of everyone’s lives, and professional networks are heavily used for careers as well as business-related activities. However, whether knowingly or unknowingly, these platforms are becoming low-hanging fruit for hackers, who can obtain from them the details of users or organizations that they need for their social engineering attacks. Some professionals will even reveal technology details about their organizations, making it easier for hackers to craft their weapons. Even recently, many fake job openings have been posted on social media in order to gather information about users and their working environments.
2# General Mails and Communication Platforms
Many organizations that allow their employees to access general emails and applications are leaving a very large area of exposure. Although these organizations invest heavily in protecting the corporate email solution, general and personal emails are still permitted, and users access and open them on corporate devices. Organizations can’t impose their regulatory or organizational policies on the user’s personal emails. As a result, general email services such as Gmail, Yahoo, Hotmail, Proton Mail, and so on are becoming the easiest route for hackers to compromise endpoints or users. Recent breaches at some of the technology giants are examples of the existence of these exposed attack surfaces.
3# Unhealthy Usage of Endpoint Devices
Users can work or connect to their corporate environments from anywhere, thanks to the increased use of remote working. This new work culture allows a completely unknown network to connect to your corporate network through the user’s laptop. Psychologically, users who want to complete their assigned jobs are ready to connect through any Wi-Fi around them. As a result, their endpoints are exposed to rogue access points or evil twins, which let the users surf while collecting their keystrokes on the endpoints, making them leak their personal and official data.
Social engineering techniques have been used by hackers for decades and are still as powerful as before in compromising victims. Because all of these techniques are aimed at human emotions and states of mind, even users who are aware of these hackers can be compromised by strategic social engineering attacks.
A breach recently reported at one technology giant, in which the hacker spammed the user with continuous multi-factor authentication alerts, eventually forcing the user to click to authorize the access and allowing the hacker to gain access to their corporate VPN, is an example of the hacker targeting the emotions of the users. Because users are the weakest and most vulnerable point of any organization’s network, their awareness has to be taken care of as one of the most important controls.
Many organizations are still relying on user awareness sessions that give users details about the dos and don’ts while connected. However, human brains have a tendency to forget what they have read, and users eventually forget what they read during a tedious user awareness session. Hence it is time to rethink the traditional scheduled user awareness session and transform it into continuous user experience sessions, in which users at all levels are tested and examined continuously based on real-time social engineering methods, making a cyber hygiene culture part of their professional and personal lives. All users have to be tested and evaluated against real-life scenarios, and based on their performance, the next level of induction must be provided to the user. Currently, every organization is implementing digital transformation technologies. This increases the reliance on technology while also increasing the risks. Hence, maintaining proper practices in managing and operating these technologies has to be part of corporate culture. It is not only the technical team’s responsibility to ensure the user’s cyber safety. Ultimately, it can be delivered only with the support of users at all levels in the organization.
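The pattern described above (a run of unanswered or rejected MFA prompts followed by an approval) can also be caught on the detection side. The following is an added example, not part of the original article; the log format, the event names `push_denied`, `push_timeout` and `push_approved`, and the thresholds are assumptions chosen for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events: "<ISO timestamp> <user> <prompt outcome>".
# This is a hypothetical format, not any real identity provider's log.
SAMPLE_LOG = """\
2024-01-01T01:00:00 alice push_denied
2024-01-01T01:01:00 alice push_timeout
2024-01-01T01:02:00 alice push_denied
2024-01-01T01:03:00 alice push_timeout
2024-01-01T01:04:00 alice push_denied
2024-01-01T01:05:00 alice push_timeout
2024-01-01T01:06:00 alice push_approved
2024-01-01T09:00:00 bob push_timeout
2024-01-01T09:00:40 bob push_approved
2024-01-01T10:00:00 carol push_denied
2024-01-01T11:00:00 carol push_denied
2024-01-01T12:00:00 carol push_denied
2024-01-01T13:00:00 carol push_denied
2024-01-01T14:00:00 carol push_denied
"""

def detect_push_fatigue(lines, window=timedelta(minutes=10), threshold=5):
    """Return (user, alert_type, timestamp, prompt_count) tuples.

    "burst": `threshold` unapproved prompts inside `window`.
    "approved_after_burst": an approval while such a burst is still
    in the window, the case that warrants immediate session review.
    Lines are expected in chronological order per user.
    """
    recent = defaultdict(deque)  # user -> times of unapproved prompts
    alerts = []
    for line in lines:
        parts = line.split()
        if len(parts) != 3:
            continue  # skip blank or malformed lines
        ts_raw, user, outcome = parts
        ts = datetime.fromisoformat(ts_raw)
        q = recent[user]
        while q and ts - q[0] > window:  # drop prompts outside the window
            q.popleft()
        if outcome in ("push_denied", "push_timeout"):
            q.append(ts)
            if len(q) == threshold:  # alert once per burst
                alerts.append((user, "burst", ts_raw, len(q)))
        elif outcome == "push_approved":
            if len(q) >= threshold:
                alerts.append((user, "approved_after_burst", ts_raw, len(q)))
            q.clear()  # an approval ends the current run of prompts
    return alerts
```

On the sample data only alice is flagged: bob's single timeout before approving is normal behaviour, and carol's five rejections are spread over hours, so they never share a window.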