A study by cyber security firm Blue Coat Systems has revealed that organisations, including charities, are still being exposed to increasingly sophisticated cyber-threats posed by social engineering, where personal and work information is gathered, often via social media, and used to deliver advanced threats into networks.
The results of an online study carried out by YouGov among 3,130 workers in various industries across Great Britain, France and Germany added that, despite the increased use of social media applications, both inside and outside of the office, workers are still failing to fully protect themselves from complex social engineering techniques like phishing.
User behaviours have not improved since 2015 and, in some cases, have grown worse. While some areas indicate an improved sense of social media savviness, other areas supply modern-day hackers with opportunities to exploit.
Key findings amongst those who use social media include:
• In 2016, 42% of respondents report only accepting requests from people they know, suggesting a willingness to connect with strangers, down slightly from 2015 (43%).
• Privacy access and settings remain an issue, with only 40% of 2016 respondents still having set privacy settings allowing only certain people to view their profiles, the same as in 2015.
• When connecting with people, 41% of 2016 respondents always check identities before connecting, indicating a small uptick in caution when compared with 2015 which came in at 38%.
All generations pose a security risk according to the study, which found:
• Workers between the ages of 18-24 were less likely to set up privacy settings in 2016 (49%) than 2015 (60%). They are also less likely in 2016 to check the identities of people before connecting with them (53%), compared to in 2015 (57%). However, even after this decline, millennials were still markedly more discerning in both of these areas than other age groups.
• Workers within the 45-54-year-old bracket have improved in 2016, as 37% always check the identities of people before connecting, compared to 32% from 2015. Of those 55 and over in 2016, 40% check identities before connecting, up from 30% in 2015. Despite these improvements, the data shows that workers over 45 as a group tend to be considerably less vigilant than their counterparts.
• In 2016, millennials (workers aged 18 to 24) exhibited the worst password behaviour, with 14% using the same password for every application, almost double that of the whole working population (8% overall).
• Only just over one-third of all respondents use a different password for each social media and messaging application (36%).
Figures prompt calls for charities to ensure they use all methods possible to protect online transactions and customer data
Going forward monthly updates will be accessible via a new security bulletins portal
Details of scams targeting charities revealed
Cybersecurity expert Ian Kilpatrick discusses why modern working practices have opened the door to new security vulnerabilities – and what charities can do to protect themselves