Cultivating An Organisation-Wide Cyber Security Mindset

Threat Intelligence • Feb 11, 2022

When it comes to securing your organisation against the threats of phishing, ransomware, data breaches or Business Email Compromise (BEC) attacks, your staff are your front-line warriors.


Any organisation with well-trained staff who internalise the security-first mindset will be much better protected than other organisations. 
For any executive looking to strengthen their organisational resilience against an ever-expanding threat landscape, the message is clear: investing in ongoing cyber-awareness for your staff will pay significant dividends.


Done right, cyber-awareness training will turn your staff into your greatest cyber-security asset!


In this blog, we will explore some of the most common tactics cyber-criminals are using to deceive staff into opening the way for exploits. We will also explore training initiatives you can embrace to ensure your staff are equipped to identify and block these tactics.

6 Ways Staff Behaviour May Be a Cyber-Security Risk 

There is no shortage of attack vectors being actively used by cyber-criminals to carry out their malicious activities. In many cases, these attacks rely on simple human error. Implementing the right staff training, along with appropriate policies and controls, can significantly mitigate your organisation’s risk of being exploited.

Here are 6 of the most common cyber-attacks that often depend on human error:

1. Phishing

Phishing is among the most common attack methods used by cyber-criminals to steal sensitive data. Whether the attackers are looking to compromise information about your organisation’s finances, customers, employees or confidential research and patents, the effects of a data breach can be devastating.


In most cases, a phishing attack begins with cyber-criminals sending fake messages to employees via email or SMS. These messages are disguised to look like they were sent by a legitimate third party, such as a government agency or other large organisation. Increasingly, sophisticated attackers are engaging in spearphishing to deceive staff into opening and clicking on phishing messages. Spearphishing involves sending staff a fake message that appears to come from someone they know, such as the organisation’s CEO.


Typically, phishing messages prompt the target to click a link or open an attachment. This action often installs malicious software, known as malware, on the target’s systems. In many cases, the malware exfiltrates sensitive data from the organisation. In other cases, a phishing message redirects the target to a fake website where they are prompted to enter their login and password credentials. The attacker can then use those credentials to gain access to a range of other applications containing sensitive data, such as email accounts.


A phishing attack can result in an organisation facing significant financial costs, not to mention long-term reputational damage. There may even be legal repercussions. The Notifiable Data Breach Scheme requires organisations that have experienced a data breach to notify the Office of the Australian Information Commissioner (OAIC), as well as any individuals likely to suffer serious harm as a result of the breach.


So, stopping phishing attacks must be a top priority for all organisations. Email awareness training programs should be compulsory for all staff so they know how to identify potential phishing attempts.

2. Malware and Ransomware

As mentioned above, cyber-attackers are actively looking for ways to install malware into your environment. This usually involves deceiving a staff member into clicking a dangerous link or opening a dangerous attachment in a phishing message. Once the malware executes, the staff member is often unaware that it is running in the background. In many cases, it will be searching for login and password credentials so attackers can gain access to your organisation’s network or application layer. Malware may lead to data exfiltration, SQL injection attacks, remote code execution or the installation of backdoors that give attackers persistent access to your environment.


Ransomware has emerged as a serious threat to many organisations. This occurs when malware encrypts an organisation’s data and denies access to critical systems until the target pays a hefty ransom, usually in cryptocurrency. With so many potentially devastating consequences, every organisation must take measures to mitigate the risk of malware. Staff require training to be on the lookout for any suspicious links or attachments that might execute malware on your systems.

3. Man-in-the-Middle Attacks

They say data is the new oil. But, for that data to add value to an organisation, it needs to be processed so essential information can be extracted.


As a result, an organisation’s data is constantly being exchanged between various people and systems within the organisational environment. A man-in-the-middle attack occurs when malicious actors find ways to intercept data, including communications, whilst being transmitted. The goal of the attacker may simply be reconnaissance. By eavesdropping on confidential communications, a cyber-criminal will be able to learn a great deal about the target organisation. In other cases, the attacker may seek to manipulate or redirect data as it is being exchanged. This may see confidential data sent to a computer controlled by the attacker.


In man-in-the-middle attacks, the cyber-criminals insert themselves into the data exchange, pretending to be both the legitimate sender and the legitimate recipient. One of the most common man-in-the-middle tactics sees a cyber-attacker make free Wi-Fi hotspots available that do not require any password. If one of your employees connects to such a Wi-Fi hotspot, the attacker can gain full visibility over any data or communications being exchanged.

It’s essential that staff receive training so they understand the dangers inherent in public Wi-Fi, particularly with so many employees working remotely. When all staff know how to encrypt data and communications, and how to use Virtual Private Networks (VPNs), they are able to mitigate the risks of man-in-the-middle attacks.

4. Password Cracking

Among cyber-security experts, human error is often characterised as the weakest link in any organisation’s security posture. Certainly, when staff don’t follow best-practice password protocols, they are exposing your organisation to significant risk. Password cracking sees cyber-criminals use a variety of methods to reveal passwords to systems, enabling them to gain unauthorised access and steal critical data. In some cases, the attacker will simply steal passwords, for example through phishing attacks. In other cases, malicious actors use cracking tools to bombard a system with millions of potential passwords, known as a brute-force attack.


When an attacker compromises an employee’s password to one system, they will attempt to gain access to a range of other systems and applications using the same password. Staff who use the same password across multiple systems or applications are therefore placing your organisation at a greater risk of experiencing a breach. Some attackers even succeed in breaching an organisation’s defences by guessing passwords. That’s why staff need training in the use of complex passwords, or passphrases, as well as strategies to keep their passwords secure.

5. Weak Code Repository Controls

For many organisations, proprietary applications are an integral part of their operations. Whether for internal use by staff, or as tools to engage and transact with customers, such applications may be developed in-house, or by specialist external developers. Either way, developers have become accustomed to making extensive use of open-source code repositories, such as GitHub. Much application functionality can be sourced from these repositories, saving considerable time and money. Additionally, the developers working on your application may store their custom code in repositories which others can access.


However, significant security challenges can arise if your developers use open-source code that is not robustly written. Code with bugs could be included in your applications, creating vulnerabilities that can be exploited by malicious actors. Equally concerning is the potential for developers to accidentally include login credentials with the code they store in the repository. They may accidentally reveal passwords to your applications to malicious actors. In the past this has directly led to numerous security breaches.


It is essential that you have strict controls around the use of repositories, so your developers aren’t inadvertently placing your organisation at risk. Ensuring your developers receive training in secure software development needs to be a priority for any organisation developing applications.
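One practical control for the credential-leak problem described above is a pre-commit check that scans the lines a developer is about to commit and blocks the commit when a credential pattern appears. The following is an added example and is not code from this post or from Threat Intelligence; the detection rules, the placeholder list, the sample diff and the file paths in it are all constructed for illustration.

```python
import re
import subprocess
import sys

# Detection rules (constructed for this example). Each rule is a (name, compiled regex) pair.
RULES = [
    # AWS access key IDs always start with "AKIA" followed by 16 upper-case alphanumerics.
    ("aws-access-key-id", re.compile(r"\bAKIA[0-9A-Z]{16}\b")),
    # PEM private key header, with or without an algorithm label.
    ("private-key-block", re.compile(r"-----BEGIN (?:RSA |EC |DSA |OPENSSH )?PRIVATE KEY-----")),
    # A credential-looking variable name assigned a quoted literal of 8+ characters.
    # Assignments that read the value from the environment do not match, because the value
    # after "=" must be a quoted string.
    ("hardcoded-credential",
     re.compile(r"(?i)(?:password|passwd|pwd|secret|api[_-]?key|token)\s*[:=]\s*['\"]([^'\"\s]{8,})['\"]")),
]

# Values that are obviously placeholders rather than real credentials (constructed list).
PLACEHOLDERS = {"changeme", "your_password_here", "redacted", "example!"}


def scan_diff(diff_text):
    """Scan only the ADDED lines of a unified diff and return [(rule_name, offending_line), ...]."""
    findings = []
    for line in diff_text.splitlines():
        # Added lines start with a single "+"; "+++ b/path" is the file header, not content.
        if not line.startswith("+") or line.startswith("+++"):
            continue
        content = line[1:]
        for rule_name, pattern in RULES:
            match = pattern.search(content)
            if match is None:
                continue
            if rule_name == "hardcoded-credential":
                value = match.group(1)
                # Skip placeholders and template references such as "${DB_PASSWORD}" or "{{ secret }}".
                if value.lower() in PLACEHOLDERS or value.startswith(("${", "{{", "<")):
                    continue
            findings.append((rule_name, content.strip()))
    return findings


# Constructed sample diff: one real-looking password, AWS's published example access key ID,
# a placeholder token, an environment lookup (should NOT be flagged) and a committed private key.
SAMPLE_DIFF = """diff --git a/config.py b/config.py
--- a/config.py
+++ b/config.py
@@ -1,3 +1,6 @@
 import os
-DB_PASSWORD = os.environ["DB_PASSWORD"]
+DB_PASSWORD = "s3cr3t-pr0d-pa55"
+AWS_ACCESS_KEY_ID = "AKIAIOSFODNN7EXAMPLE"
+API_TOKEN = "changeme"
+DEBUG_PASSWORD = os.environ.get("DEBUG_PASSWORD")
diff --git a/deploy/id_rsa b/deploy/id_rsa
new file mode 100644
--- /dev/null
+++ b/deploy/id_rsa
@@ -0,0 +1,3 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEowIBAAKCAQEA...constructed-placeholder...
+-----END RSA PRIVATE KEY-----
"""


if __name__ == "__main__":
    # Hook usage: run against the staged changes and refuse the commit if anything is found.
    # (Hypothetical wiring: copy this file to .git/hooks/pre-commit or call it from there.)
    staged = subprocess.run(
        ["git", "diff", "--cached", "--unified=0"],
        capture_output=True, text=True, check=True,
    ).stdout
    hits = scan_diff(staged)
    for rule_name, text in hits:
        print(f"[{rule_name}] {text}")
    sys.exit(1 if hits else 0)
```

Scanning only added lines keeps the hook fast and avoids re-flagging history, and the environment-lookup line in the sample shows the pattern developers should be steered towards instead of literals. A hook like this complements, rather than replaces, server-side scanning on the repository host.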

6. Business Email Compromise (BEC)

One of the most common types of cyber-attacks, BEC sees malicious actors manipulate bank account details in emailed invoices or spoof an organisation’s CEO/CFO to email fake payment instructions to accounting staff. BEC attacks are particularly difficult to prevent, as accounting staff often have no way of knowing whether the banking information they are using to process outgoing payments is actually correct. Staff are also inclined to follow the instructions they receive via email from their organisation’s CEO/CFO, with no easy way of knowing if the instructions are fake. Strict controls around outgoing payments, including separate teams of staff members checking bank details and approving payments, are required to protect your organisation from BEC attacks. Your accounts department staff need ongoing training in how cyber-criminals are targeting organisations, and the signs they need to be on the lookout for to prevent a successful payment redirection attack.
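The spearphishing pattern described in the phishing section (a message that appears to come from the CEO) and the BEC pattern described here (spoofed executive, urgent payment instructions, changed bank details) share a handful of indicators that a mail gateway or a triage script can check before the message reaches the accounts team. The following is an added example and is not code from this post or from Threat Intelligence; the organisation domain, the executive directory, the keyword lists and both sample messages are constructed for illustration.

```python
import email
from email.utils import parseaddr

# Hypothetical organisation domain and executive directory (constructed for this example).
ORG_DOMAIN = "example.com"
EXECUTIVES = {
    "jane doe": "jane.doe@example.com",   # CEO
    "sam lee": "sam.lee@example.com",     # CFO
}

# Language typical of payment-redirection requests, and of the pressure that accompanies them.
PAYMENT_TERMS = ("bank details", "new account", "account number", "wire", "transfer", "invoice")
URGENCY_TERMS = ("urgent", "immediately", "today", "asap", "confidential")


def _domain(address):
    """Return the lower-cased domain part of an e-mail address, or '' if there is none."""
    return address.rsplit("@", 1)[-1].lower() if "@" in address else ""


def _body_text(msg):
    """Concatenate every text/plain part (works for single-part and multipart messages)."""
    chunks = []
    for part in msg.walk():
        if part.get_content_type() == "text/plain":
            payload = part.get_payload(decode=True)
            if payload is not None:
                charset = part.get_content_charset() or "utf-8"
                chunks.append(payload.decode(charset, errors="replace"))
    return "\n".join(chunks)


def assess_message(raw_message):
    """Return the list of indicator names found in a raw RFC 822 message; [] means none."""
    msg = email.message_from_string(raw_message)
    findings = []

    display_name, from_addr = parseaddr(msg.get("From", ""))
    from_domain = _domain(from_addr)

    # 1. Display-name impersonation: a known executive's name on an address that is not theirs.
    expected = EXECUTIVES.get(display_name.strip().lower())
    if expected and from_addr.lower() != expected:
        findings.append("executive display-name impersonation")

    # 2. Lookalike sender domain: an external domain built around the organisation's own name.
    org_label = ORG_DOMAIN.split(".")[0]
    if from_domain and from_domain != ORG_DOMAIN and org_label in from_domain:
        findings.append("lookalike sender domain")

    # 3. Reply-To redirection: replies would go somewhere other than the apparent sender.
    _, reply_to = parseaddr(msg.get("Reply-To", ""))
    if reply_to and _domain(reply_to) != from_domain:
        findings.append("reply-to domain differs from sender")

    # 4. Payment-change language combined with urgency: the classic BEC combination.
    text = (msg.get("Subject", "") + "\n" + _body_text(msg)).lower()
    if any(t in text for t in PAYMENT_TERMS) and any(t in text for t in URGENCY_TERMS):
        findings.append("urgent payment-change language")

    return findings


# Constructed sample: the CEO's name on an outside lookalike domain, replies routed elsewhere,
# and an urgent request to pay an invoice to new bank details.
SUSPICIOUS_EMAIL = """From: Jane Doe <jane.doe@example-corp.net>
Reply-To: accounts@mail-relay.net
To: payments@example.com
Subject: Urgent: updated bank details for today's invoice
Content-Type: text/plain

Please process the attached invoice today using our new account details. Keep this confidential.
"""

# Constructed sample: a routine internal message from the real executive address.
BENIGN_EMAIL = """From: Jane Doe <jane.doe@example.com>
To: payments@example.com
Subject: Q3 planning meeting
Content-Type: text/plain

Agenda attached for Thursday.
"""

if __name__ == "__main__":
    print("suspicious:", assess_message(SUSPICIOUS_EMAIL))
    print("benign:", assess_message(BENIGN_EMAIL))
```

None of these checks is conclusive on its own; their value is in routing a message that trips several of them to the separate verification step the post recommends (a phone call on a known number before any bank detail is changed), rather than in blocking mail outright.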

How Can Threat Intelligence Help?

Each of these attacks relies on some form of human error to succeed. Only with extensive staff awareness training will it be possible for your organisation to strengthen its resilience against most of these common attacks.


Staff need ongoing training by professionals in areas including:

  • Understanding common cyber-attack methods
  • The importance of strong passwords
  • The use of encryption
  • Ensuring secure connectivity to the internet
  • Implementing Multi-Factor Authentication across all systems
  • Handling, transferring and storing data securely
  • Checking all links and attachments carefully before clicking
  • Controls around open-source repositories
  • Controls around outgoing payments
  • And more!


Importantly, staff training is not a one-time occurrence. Staff need ongoing training, with practical exercises, so that a cyber-security mindset can be developed over time.


Threat Intelligence offers expert cyber-security awareness training for all levels of staff. Given that human error at any level of an organisation can expose the organisation to significant risk, it’s essential that all staff members participate.
Contact Threat Intelligence today for further information about our range of staff training solutions.
