5 Ways Human Error Can Destroy Your Business

by | Nov 1, 2018

Investing in cybersecurity technology is critical for every business. From anti-malware to data backup, these systems are essential for surviving cyberattacks and keeping your business running. But unfortunately, even the most iron-clad defenses aren’t 100% fool-proof. Often, the worst cybersecurity breaches are caused by little more than human error.

If you’re not actively training your employees on how to prevent a breach, or deploying extra safeguards to block their mistakes, then it’s only a matter of time before one little accident causes a major disaster for your business.

Here are 5 ways it could happen:

1) ‘You need to reset your password.’

Jim from Accounting arrives at work Monday morning to find an alarming email in his inbox. Unknown users with IP addresses from Ukraine have been trying to access his G Suite account, the email says. Jim is advised to change his password right away.

Jim hasn’t even had his coffee yet, so his spidey senses aren’t quite awake. All he sees is the big blue “Change Password” button, and it looks like every other message from Google. So, he does what many of us would do. He changes his password.

Disaster averted. Right? Not quite.

Weeks later, the company discovers it has experienced massive data theft from its Google Drive folders, including sensitive customer information, critical accounting files and more. Worse yet, the attackers have had access to Jim’s email the whole time – which contained highly sensitive messages dating back years.

It’s now clear that Jim was the victim of a phishing attack. And it’s a nightmare, from both an operational and public relations standpoint.

(If this story sounds familiar, that’s because it’s basically how Russian operatives hacked the Democratic Party in 2016. But also, similar attacks happen nearly every day at businesses around the globe.)

 

How it could have been prevented:

  • One of the best ways to prevent security breaches from phishing attacks is to properly train employees. Employees should be educated on how to spot suspicious messages, how to verify sender details, and they should be aware of the red flags anytime they’re asked to change their passwords.
  • Technology-wise, good spam prevention and firewall configurations can also help to prevent these messages from reaching inboxes in the first place.
  • Blocking known bad IPs can also help prevent some phishing pages from loading if the email is clicked.

 

2) Invoice #031522

Stacy from Accounts Payable spends 90% of her day paying company invoices. Vendors from all over the country send their invoices to her by mail and email. It’s her job to get them approved and get them paid.

So when Stacy receives an email Tuesday afternoon, asking her for a friendly status update on “Invoice #031522,” she doesn’t question it. She opens the attachment and waits …

But the invoice never appears.

Instead, her desktop locks up. A message appears on screen: “Your files are encrypted.” There are instructions for submitting payment within 24 hours, after which the files will be permanently locked.

Yep, it’s ransomware. And within a matter of minutes, Stacy learns that the infection has spread across the whole network, locking up other machines, including the company server. Everything grinds to a screeching halt.

It takes weeks for the company to completely restore operations, and the losses are staggering: more than $600,000 in costs for idle workers, production stoppages, revenue disruption and system repairs.

You can’t totally blame Stacy for this simple human error. The ransomware email was well disguised as a message that was relevant to her. Also, she never received any training that would have taught her otherwise.

 

How it could have been prevented:

  • This is another case where employee education can make a huge difference. All departments should be trained on how to handle email attachments and how to determine if messages are from trusted senders.
  • Software restriction settings can prevent applications from executing unless they’re whitelisted. This can help prevent executable files from loading when unsuspecting users try to open them.
  • File access controls can help prevent the spread of an infection across an entire file directory. Limit users’ accounts and write-access permissions to only the files and folders they need.
  • Disable macro scripts from Microsoft Office files so that if ransomware is hidden within a Word file or XLS, it won’t be able to load when the file is opened.
  • Back up your data constantly with a dependable business continuity & disaster recovery solution.

 

3) ‘OMG amazing third-party app integration … oh.’

Ed from Sales has found the most amazing app integration ever.

It’s a nifty little tool that syncs data between Salesforce and the company’s accounting software and his sales team’s activities in the field. With one simple integration, Ed will be able to track the costs and ROI of all on-the-ground sales efforts vs. other marketing campaigns and so much more. It will save him hours! Management will love him!

All it takes is a few clicks …

But Ed didn’t read the fine print. He adds the third-party app in Salesforce, but he configures it all wrong. In the process, the app overwrites 6 months of sales data – literally all activity, new customers, sales records, everything from the last half-year, all wiped out instantly.

It gets worse. The app was riddled with malware. Turns out, all that company data wasn’t just overwritten. It was stolen. The hackers who developed the app had access to everything from the moment Ed completed the integration.

The breach and subsequent recovery cost the company six figures. It also cost Ed his job.

But once again, this is a mistake that could have been avoided if the proper precautions had been in place.

YOU MIGHT ALSO LIKE:  Impact of a cybersecurity breach: 8 ways it costs you

 

How it could have been prevented:

  • Restrict the use of third-party app integrations until they are approved and administered by your IT managers. When applicable, all integration capabilities should be blocked within the applications to prevent unauthorized users from adding apps.
  • Always verify that third-party apps are from trusted developers.
  • Use Backupify to back up data within Salesforce and other cloud services, so that you can still recover data if it has been inadvertently overwritten or deleted.

 

4) Aww, cute little email signature gifs

Janice from Creative finds a neat little tool that allows her to jazz up her email signature in Outlook. She can add colors, animated images of adorable kitties, inspirational quotes and all kinds of other fun stuff. Half the fun is choosing what to add!

She’s already gotten lots of compliments from coworkers. But something else weird has been happening…

Suddenly, her Internet Explorer homepage has been changing by itself. Every time she opens it, it takes her to a different website. Even her coworker Fran, who sits next to Janice, has noticed it happening on her own computer too. Then Fran clicks a link on one of those weird websites, and her computer begins freezing up.

Soon, everyone’s computers are acting up. Browsers redirect to other sites. Email messages in Outlook aren’t loading properly. Sent folders are showing hundreds of weird messages that nobody has sent.

Sure enough, that neat little email signature program that Janice installed was actually malware. More specifically, it installed browser hijacking software, which redirected Janice’s browser to all kinds of other questionable sites. In turn, those sites installed even more malware, which infected the whole network and led to all the other buggy software problems that employees began experiencing.

All of this may seem like an extreme example, but it happens more frequently than you might think. Many organizations (particularly smaller businesses) have minimal cybersecurity defenses in place. In this example, the bad software that crushed the company may have been a simple program for customizing your email signature. But really, the same mistake could happen from installing any other unauthorized software.

 

How it could have been prevented:

  • Employees must be periodically reminded of the strict cybersecurity policies that prohibit them from installing software of any kind, unless otherwise approved by IT managers. These policies should be backed up by the software restriction configurations mentioned above, so that installation attempts are blocked.
  • In the case of browser hijackers, additional firewall settings, IT blocking and anti-malware can help to prevent some malicious sites from loading in the first place.

 

5) ‘Another Windows update?! I don’t have time for this.’

Nick in Human Resources gets a Windows alert every day that his O/S needs updating. But he’s too busy for that. The last time he allowed an update to install, he lost 2 hours of his morning! And since the system isn’t set to update automatically, he’ll just keep hitting the “Postpone” button as long as it lets him.

But then one day there’s a problem.

A global ransomware attack has infected thousands of computers, and Nick’s is one of them! He can’t access his files or do anything. So now, instead of losing a few hours to update his computer, he’s about to lose days – not to mention weeks of work saved on his machine that wasn’t backed up.

Sound familiar? This is basically how the WannaCry and NotPetya ransomware attacks played out in 2017. Unlike most ransomware attacks that begin with phishing or spam emails, WannaCry and NotPetya preyed on unpatched Windows systems. In that sense, the infections occurred without user action. Or, more accurately, they occurred because of a lack of action. For various reasons, businesses failed to apply critical security patches that could have stopped the attacks from happening.

 

How it could have been prevented:

  • Patch everything: operating systems, software, firmware, devices, whatever’s on your network.
  • When applicable, schedule systems to update automatically or consider using a centralized patch management system.
  • If for some reason your users must process updates manually themselves, make sure that they know how to recognize a legitimate system message and that they understand the importance of not postponing those updates.
  • Back up your data frequently, so that it can be restored after a ransomware attack.

 

A host of other human errors

This list barely scratches the surface of human errors that can leave your business vulnerable. Weak passwords, file deletion, careless handling of sensitive data, plugging in insecure devices – the list goes on and on.

We’re all human. Mistakes are bound to happen. But every business has the responsibility to minimize the risk of these errors with the proper mix of cybersecurity education and technology. A failure to do so is a disaster waiting to happen.

 

Deploy the best data protection

Protect your data from a cybersecurity disaster with business continuity solutions from Datto and Invenio IT. For more information, request a free demo or contact our experts today by calling (646) 395-1170 or by emailing [email protected].

New call-to-action

Tracy Rock is the Director of Marketing at Invenio IT. Tracy is responsible for all media-related initiatives as well as external communications—including, branding, public relations, promotions, advertising and social media. She is one busy lady and we are lucky to have her!