Copyright

How Human Error Leads to Digital Attacks

Instructor: Beth Hendricks

Beth holds a master's degree in integrated marketing communications, and has worked in journalism and marketing throughout her career.

Although human error may not be a crime, it may cause a vulnerability that could result in a digital attack. In this lesson, you'll learn more about types of human error and how each can create cyber vulnerabilities.

Security Problems

One is a social media app and the other is a store full of building supplies, but they may have more in common than you might think. They've both dealt with digital attacks that came as the result of human error.

Snapchat's data leak happened when an employee was contacted by a cybercriminal pretending to be the company's CEO. The perpetrator convinced the naive employee to send the payroll details of 700 Snapchat employees through email.

In Home Depot's case, a group of attackers managed to steal the username and password of a third-party vendor, which they then used to install malicious software on 7,500 self-checkout registers in stores across the country and into Canada.

Both companies issued apologies and implemented solutions to rectify the problem, but the damage was already done. What's more important is that both scenarios could probably have been avoided altogether.

Negligence, poor training or even carelessness could be at the bottom of human errors leading to digital attacks.
human, error, digital, attack, cybercrime, business, work, organization, security

A study conducted by Experian determined that nearly 70 percent of IT professionals said their number one problem in protecting their organizations were internal employees. It might be willful negligence or simply a lack of understanding or education that precipitates human errors in the role of digital attacks, but it is a critical threat facing companies today.

Let's take a look at some of the top human errors that can occur and how they lead to various types of digital attacks.

Top Human Errors

Someone once said, ''To err is human,'' and that is certainly true at the intersection of digital devices and human beings. Here are some common human errors that can contribute to online attacks.

Poor Password Protocol

No doubt there is at least one person in your organization whose password is, well, ''password.'' Employees who choose weak passwords for their computers or various company websites are inviting malicious attacks into your network. A simple or easy-to-guess password can effortlessly be hacked and stolen by cybercriminals seeking access to your files or accounts.

You may also have employees who are using the same password for multiple applications. This is another no-no because if the password is compromised in one place, it is likely compromised everywhere. In addition, this can be made worse by people sharing passwords with others inside the organization. Since you never know how careful the person you're sharing information with is being, sharing a password could be a critical mistake.

Ignoring Security Updates

We've all been there: Hard at work on a project or assignment when that pesky reminder to update your security software pops up. It's easy to push it off and say, ''I'll do that tomorrow,'' until tomorrow turns into next week and next week turns into never. Employee error comes into play when software updates are ignored or, worse, the employee disables software notifications altogether. The problem with neglecting security updates is that not only does it compromise the individual's machine, but the entire network.

Poor Threat Awareness

Just like in the Snapchat example above, employees often fail when it comes to understanding where security threats originate. It may come in the form of an email that looks like legitimate correspondence from a colleague. The employee may unknowingly click an email attachment or download a file with malicious code embedded. Threats may come through more intentional actions, such as employees downloading files or programs from suspicious websites or connecting personal devices that could be infected, such as flash drives, to a business network.

Carelessness with Technology

Employees who have company-issued computers, smartphones or other devices have been known to lose bags containing those devices in airports or have them stolen from their vehicles. Both scenarios are the result of human mistakes, but they can present serious complications if the person who finds - or steals - this technology is able to access an organization's files or network.

To unlock this lesson you must be a Study.com Member.
Create your account

Register to view this lesson

Are you a student or a teacher?

Unlock Your Education

See for yourself why 30 million people use Study.com

Become a Study.com member and start learning now.
Become a Member  Back
What teachers are saying about Study.com
Try it risk-free for 30 days

Earning College Credit

Did you know… We have over 200 college courses that prepare you to earn credit by exam that is accepted by over 1,500 colleges and universities. You can test out of the first two years of college and save thousands off your degree. Anyone can earn credit-by-exam regardless of age or education level.

To learn more, visit our Earning Credit Page

Transferring credit to the school of your choice

Not sure what college you want to attend yet? Study.com has thousands of articles about every imaginable degree, area of study and career path that can help you find the school that's right for you.

Create an account to start this course today
Try it risk-free for 30 days!
Create an account
Support