As threats to the security of government and corporate IT systems keep advancing and getting more sophisticated, computer security experts are doing their best to keep up. and develop technological solutions to keep malware and viruses out of our systems.
But one vulnerability is about the same today as it was at the down of hacking: the human element. Whether it’s because we’re in a rush, or we’re naive, or we’re just plain lazy, attackers know they can use various forms of what’s sometimes called social engineering to use an organization’s own employees against it.
Witness a test conducted by the Homeland Security Department earlier this year. They covertly scattered USB drives in agency parking lots to see what employees would do if they found them. According to Bloomberg News, 60 percent of the employees who found the drives plugged them into office computers. That figure went up to 90 percent if the drive had an agency logo on it.
Andy Purdy, chief cybersecurity strategist at Computer Sciences Corporation, discusses the USB hack and other ways hackers can find unwitting accomplices among an agency’s own workforce.