Users smallest source of concern despite causing most security breaches: CompTIA

Persistent shortcomings in corporate information-security policy continue to compromise security efforts by exposing organisations to human error and the ever more-clever depredations of ransomware and other malware authors, peak security group CompTIA Information Technology has warned on the back of new research showing that just 54 percent of surveyed companies offer their employees any form of cybersecurity training.

Respondents to the organisation's latest Trends In Information Security report were almost equally concerned about the growing organisation of hackers (54 percent), the sophistication of the threats they produce (52 percent), and the greater availability of hacking tools (48 percent) that allow attacks to be created, changed and discontinued with increasing frequency.

Security tools such as data loss prevention (used by 58 percent), identity and access management (57 percent) and security information and event management (49 percent) were helping many organisations mount a response, yet the overall results indicated that fewer firms believe they've found the right balance between risk and security.

“It's not that businesses need to be convinced that security is important,” CompTIA senior director for technology analysis Seth Robinson said in a statement. “Instead, they need to be convinced of the ways that their current security approach is putting them at risk.”

Interestingly, when asked about their biggest source of concern about security a small number of respondents named the human element – even though reiterated commonly expressed frustration that human error is the largest factor behind security breaches.

New attacks continue to test humans' ability to recognise and block malicious emails and other attacks. The latest ransomware reported by security consulting firm KnowBe4, for example, uses the Dropbox file-sharing application as an attack vector.

KnowBe4 warned of new 'Pacman' ransomware that uses a specially crafted .EXE file attachment that is shared with victims via DropBox. If clicked upon, the attachment, which a message in Danish purports to be a 'possible new patient', encrypts the system's data files, demanding ransom be paid in Bitcoin within 24 hours.

The ongoing scourge of ransomware presents particular difficulties for organisations, whose exposure to human error is magnified when malicious code intrudes and threatens to make large swathes of corporate data inaccessible.

It's a problem that is proving to be particularly pointed in Australia, with the new CryptoWall 3.0 ransomware more successful in this region than elsewhere.

Read more: Human error root cause of November Microsoft Azure outage

Security firm Websense recently highlighted the ongoing use of lures such as Australia Post and NSW government traffic speed camera infringements.

Use of a “legitimate-looking logo” and a CAPTCHA validation form are added to provide “a degree of legitimacy”, the Websense analysts note, while adding that the links for those clicks go to pages with hxxp: protocols instead of http:.

“Ransomware will continue to evolve as we progress through to 2015,” the Websense authors wrote. “Once a machine has become infected and files encrypted there is a little that an end user can do to counter it.”

“To strengthen your overall security posture we recommend that you raise awareness within your employee base of the dangers and signs of ransomware, and adopt suitable technologies to identify and protect from the threat in the early stages of the threat lifecycle.”

Read more: Priority-based patching extending lifespan of outdated equipment: Dimension Data

This article is brought to you by Enex TestLab, content directors for CSO Australia.

Tags information securityriskmalwarehuman errordropboxdata losswebsensecaptchacomptiasecurity breachesKnowBe4nformation-security policy'Pacman' ransomwarecybersecurity training

Show Comments