Blue Coat Systems has revealed the results of an online study carried out by YouGov among 3,130 workers in various industries across Great Britain, France and Germany.
The survey suggests that organisations are still being exposed to increasingly sophisticated cyber-threats posed by social engineering, where personal and work information is gathered, often via social media, and used to deliver advanced threats into networks.
Despite the increased use of social media applications, both inside and outside of the office, this survey reveals how workers are still failing to fully protect themselves from complex social engineering.
Techniques like phishing are rife. This attack is a form of fraud where hackers, posing as legitimate organisations or individuals, trick users into clicking on or downloading malware in order to obtain sensitive information such as login credentials or passwords.
User behaviours have not improved since 2015 and, in some cases, have grown worse. While some areas indicate an improved sense of social media savvy, other areas supply modern-day hackers with opportunities to exploit. Key findings amongst those who use social media include:
In 2016, 42 percent of respondents report only accepting requests from people they know, suggesting a willingness to connect with strangers, down slightly from 2015 (43 percent).
Privacy access and settings remain an issue, with only 40 percent of 2016 respondents still allowing only certain people to view their profiles, the same as in 2015.
When connecting with people, 41 percent of 2016 respondents always check identities before connecting, indicating a small uptick in caution when compared with 2015 which came in at 38 percent.
Workers between the ages of 18-24 were less likely to set up privacy settings in 2016 (49 percent) than 2015 (60 percent). They are also less likely in 2016 to check the identities of people before connecting with them (53 percent), compared to in 2015 (57 percent). However, even after this decline, millennials were still markedly more discerning in both of these areas than other age groups.
Robert Arandjelovic, director of Blue Coat product marketing in EMEA for Symantec told SCMagazineUK.com “this research highlights the risks organisations are exposed to due to the behaviour of their employees on social media and messaging applications. Social engineering remains a common tactic for threat actors to gain access to business networks, in part due to many employees leaving security holes through poor social media practices.
Arandjelovic continued: “Social engineers hack people, not computers, so it's important to ensure humans aren't the weakest link in cyber security. Encouraging employees to protect themselves online, with simple steps such as strong passwords for each application and privacy setting, will help navigate through the complexity of modern day threats.”