With the recent SingHealth breach, investigation has deduced that the breach was caused by a phishing e-mail attack. The employee downloaded the malware and unknowingly executed it. This gave the attackers access to the computers and eventually account credentials, which gave them access to the SingHealth database. The hackers stayed hidden in the system from 27th June to 4th July 2018. It was only until 4th July that an administrator detected unusual activity on the SingHealth database. Even though the attackers tried to strengthen their attacks, they failed as they were detected through close monitoring.
“To err is human” as said by Jefferey Kok – Vice President of Solution Engineer, Asia Pacific and Japan of CyberArk.
Root Cause – Negligence
As we can see, the ignorance and negligence of the employee who downloaded the malware allowed the attack to take place. Have you ever sent sensitive data to a wrong e-mail and realized that it was too late to recall your actions? Such errors are caused by poor decision or a slip of the mouse which can be solved using the right policies. With 64% of organization finding that negligence is the root of most incidents, there is definitely a vast room for improvement and a need for it.
Convenience vs Security
Most of the time, convenience is placed on top of complicated security. For example, creating your own wireless access point in your office to share internet access with your other wireless devices. Although this can improve your productivity, it provides another possible attack vector for attackers. As your device may not be updated with the latest security patches, it could be vulnerable to exploits. That is why companies put up policies and procedures to protect not only their Intellectual Property (IP) but also the employee from getting hacked.
Users with high privileges are often the main targets of social engineering and phishing attacks. As these individuals accounts can usually open the doors to the rest of the organisation, they also hold valuable data with their position.
In order to keep yourself safe, keep yourself updated and aware through training. All employees should be educated to understand the risks and the reason of policies implemented. With regulation such as General Data Protection Regulation (GDPR) coming into force, customers are slowly gaining awareness of the threats posed by cyber attackers.
Security should be a top priority in companies and should not be left aside. Business leaders need to engage with their security teams to ensure that they have the correct measures in place to protected themselves and address the threats encountered instead of avoiding them.
With the right training, awareness and policies, the attackers will have a tough time as everyone in the company is working towards a common goal with the same understanding.