Many cyber attacks rely on a vulnerability to be exploited this can be a technology exploit or a person exploit through clever social engineering and manipulation.
Weakness in an information system, system security procedures, internal controls, or implementation that could be exploited by a threat source.
- Social engineering
Social engineering is the term used for a broad range of malicious activities accomplished through human interactions. It uses psychological manipulation to trick users into making security mistakes or giving away sensitive information.
We can draw similarities to the real world where the easier it is to gain access to a property the more likely you are to be a victim of a burglary. Leaving doors and windows unlocked, burglars are able to exploit a vulnerability in your property security to gain access with malicious intent. Would you leave your doors and windows unlocked?
The majority of cyber-attacks aimed at Northern Ireland citizens and businesses are of a low sophistication. These are only possible because a device or system security vulnerability has been able to be exploited. In most cases, the adversary never comes face-to-face with the victim.
It is estimated that 99.9% of the time cyber attacks are only possible because of poor cyber hygiene or a lack of security awareness. In effect, we are leaving our virtual doors and windows open for attack by cybercriminals.
- Cyber hygiene
Cyber hygiene is often compared to personal hygiene. Much like an individual engages in certain personal hygiene practices to maintain good health and well-being, cyber hygiene practices can keep data safe and well-protected.
Simple steps can be taken to protect yourself. Look at our cyber protections section to know what to do.