Expert blames cyber-attacks on human errors

Wed, Jul 19, 2023
By editor
3 MIN READ

Science & Tech

THE Nigeria Data Protection Commission (NDPC) on Wednesday identified human errors as a significant factor contributing to data breaches in organisations.

Mr Olorunisomo Isola, the Head, Information Technology and Cybersecurity, NDPC, made this known during a capacity building for members of the Nigeria Information Technology Reporters Association (NITRA) Lagos Chapter.

The training, which took place in Ikeja, was on data protection and privacy,

Isola said that cybersecurity issues are usually treated as a technology problem, whereas most data breaches are as a result of human error.

He said that employees can unintentionally help cyber-attackers break into an organisation.

The NDPC boss said that attackers often carefully profile the employees of the company they are targeting, noting that this could be done through social media and by researching publicly available information.

“Once a target has been selected, one of the most common ways to execute a cyber-attack; is to send phishing e-mails directly to employees in a targeted company.

“These emails usually contain either a link or a Microsoft Office document embedded with malicious code. Thus, employees can unintentionally help cyber-attackers break into an organisation,” he said.

Isola said that curbing cyber-attacks using firewalls was not enough, adding that it was necessary to work on human errors within the organisation as well.

He noted that security awareness and training of employees were just as important.

Isola stressed that raising awareness could be done through webinars, on-site events, as well as pro­per onboarding of security policies, training manuals and pamphlets.

He also said that companies should adopt email policy, as email was a critical communication channel and having such policy would ensure secure usage.

The cybersecurity expert stressed the need to use only official company email accounts for business communications.

He noted that they should also avoid opening emails or attachments from unknown or suspicious sources.

“We need to be cautious of phishing attempts and report them immediately.

“Companies and individuals should also ensure that sensitive information is encrypted before transmitting via email,” Isola said.

Speaking on the types of attacks, he said there were phishing, man-in-the-middle, password, drive-in, dictionary, ransomware and Artifical intelligence (AI)-powered attacks.

Isola noted that AI-powered attacks are one of the most dangerous ones.

He said that cybercriminals could leverage AI to carry out sophisticated and targeted attacks.

“AI-powered attacks can be more destructive and challenging to detect than traditional cyber-attacks.

“They are smart enough to understand how to analyse all possible attack vectors, select the best option, execute successfully, and evade detection, all while adapting and evolving in real time.

“AI-powered attacks can also be more efficient, allowing attackers to carry out attacks on a larger scale and with greater accuracy.

“It will be a serious problem to deal with in the nearest future,” he said. (NAN)

A.

– July 19, 2023 @ 15:04 GMT |

Tags:


Prof lists advantages of GMO technology

GENETICALLY Modified Organisms (GMO) crops are healthier to eat, in many cases than non-GMO crops, says Prof Sylvia Uzochukwu, President...

Read More
NITDA trains  3143 artisans on digital applications

NATIONAL Information Technology Development Agency (NITDA) has trained no fewer than 3,143 trained artisans in Cross River on how to...

Read More
KnowBe4 predicts Artificial Intelligence advances will shape evolving Landscape of Cyber threats and defences

KNOWBE4, the world-renowned cybersecurity platform that comprehensively addresses human risk management, announced its 2025 cybersecurity predictions from its team of...

Read More