Disgruntled staff targeted by cyber hackers 

Disgruntled staff targeted by cyber hackers 

The bulk of threats to organisations still come via email and people clicking on malicious links.

Thu, 09 Dec, 2021 - 17:48
Cormac O’Keeffe, Security Correspondent

Cyber experts are flagging the risks to companies posed by unhappy or disgruntled staff being targeted by attackers as a way of breaching computer systems.

They also warn that despite the sophistication of cyberattacks that the bulk of threats to organisations still come via email and people clicking on malicious links.

Speaking at an event organised by it@cork – a non-profit technology organisation representing more than 200 companies in the South-West – cyber professionals urged companies and organisations to invest in cyber security staff and for the owners to also take responsibility for cyber security.

Dave McCormack, principal engineer at McAfee Enterprise, said there was a need for companies to raise awareness among employees about sharing the type of information some do on their social media accounts.

He said this included the level of professional detail people might include in their Linkedln account.

Mr McCormack said if employees share on their Facebook account that they are “unhappy” at work, it would be quite easy for potential cyber attackers to identify them and exploit that in their attack.

Andy Grzess, chief technology officer with Smarttech247, pointed out the risks to companies posed by employees who are disgruntled, unhappy, overworked or stressed, who could do “something stupid”.

Separately, the US National Cyber Security Centre put out a public message in recent days urging people leaving or entering government service of new approaches via social media, saying foreign spies often used fake social media profiles to connect to those with information they want.

Mr McCormack said if people look at the initial way organisations are attacked, it is primarily “still email”.

He said: “It goes back to instilling suspicion in the eyes of employees when they get an email – is this legit, is this really coming from my boss - he’s on holiday in Spain and using personal email to send me this message or is this not?” 

He said because there are shades of uncertainty when it comes to detecting possible malicious attacks, there is "a need" for humans in the loop. 

"You do need to have security professionals in organisations, people who understand what they are looking at," he said. 

"The idea that people just install a security product from a regular vendor on your machines and be safe – unfortunately that’s not true and something businesses need to understand and plan accordingly.”

Read More

Third of businesses have no disaster recovery plan in place in event of cyberattack

CONNECT WITH US TODAY

Whatsapp logo

WHATSAPP

Newsletter logo

NEWSLETTERS

Notification logo

NOTIFICATIONS

Be the first to know the latest news and updates

More in this section

Minister 'not writing off' future bus and train fare hikes Minister 'not writing off' future bus and train fare hikes
Tourism Ireland spend €200k on campaign for hit show 'Wednesday' Tourism Ireland spend €200k on campaign for hit show 'Wednesday'
Housing Stock Ireland's housing market 'pausing for breath' as price inflation 'finally slowing down', report finds
Cybercrime
<p>According to the Climate Change Advisory Council, transport is the largest source of energy demand in Ireland. : Danny Lawson/PA Wire</p>

EV switch ‘biggest step’ most drivers can take to hit climate goals, committee hears

READ NOW

Lunchtime News

Newsletter

Keep up with stories of the day with our lunchtime news wrap and important breaking news alerts.

Latest

Most Read

Cookie Policy Privacy Policy Brand Safety FAQ Help Contact Us Terms and Conditions

© Examiner Echo Group Limited