Employee carelessness poses security risk to businesses

Trend Micro report highlights perils of mobile device loss and Wi-Fi hijacking

Sensitive business data is being put at risk by the thoughtless behaviour of employees, a new report by Trend Micro has found.

The survey of 2,500 UK adults, published in a report entitled Britain's culture of carelessness with mobile devices, found over a quarter of smartphone users have had up to three work devices lost or stolen, and 63 per cent have no password protection on their phone at all.

Advertisement - Article continues below

The Tube is the most likely place for a phone to be lost or stolen in London (26 per cent), with the District and Circle lines proving to be particular blackspots.

A bar is the second most likely place for a smartphone to disappear (22 per cent), followed by a cafe (11 per cent) and a restaurant (8 per cent), according to the report.

At a roundtable to discuss the report's findings, representatives from Trend Micro, information security consultancy First Base, and law firm Taylor Wessing said the implications were clear for business.

James Walker, a security specialist at Trend Micro, said: "We talk about a watering hole from the point of view of compromising a website, [but if I were a criminal] I could know a bar where a certain target organisation would drink in after work, I could steal a mobile phone that's not password protected, send out a lot of phishing emails to lots of contacts within the organisation... and compromise a lot of people."

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

Vinod Bange, a partner at Taylor Wessing, added: "If you have an employee within an organisation who kept going to the accounts team and saying can I have 300 from petty cash please?' and came back the following day saying I lost it, can I have another 300?' and then the next day said sorry, I did it again, can I have another [300]?'   Who would do that?

"That is because cash is treated in a very particular way and it is about time organisations drew that link to treat information assets, whether it's personal data, confidential IP, or whatever it happens to be with the same degree of [restrictions]."

The report also examined the potential for data loss when using public Wi-Fi hotspots.

A team of ethical hackers from First Base used apps that were openly available on Google Play to clone a recognised Wi-Fi network, which volunteers' devices would then connect to automatically.

Advertisement - Article continues below

A hacker using this type of attack, known as an evil twin', is then able to see all the data sent, including sensitive corporate data and things that would normally be encrypted, like passwords. They could also restore sessions, to further mine data collected during the attack.

The volunteer victims' involved in these experiments said they felt scared that such an attacking method exists and that their privacy had been violated, even though it was just a simulation.

Featured Resources

Staying ahead of the game in the world of data

Create successful marketing campaigns by understanding your customers better

Download now

Remote working 2020: Advantages and challenges

Discover how to overcome remote working challenges

Download now

Keep your data available with snapshot technology

Synology’s solution to your data protection problem

Download now

After the lockdown - reinventing the way your business works

Your guide to ensuring business continuity, no matter the crisis

Download now
Advertisement

Recommended

Russia hacked Liam Fox's personal email to steal trade documents
phishing

Russia hacked Liam Fox's personal email to steal trade documents

4 Aug 2020
British teenager charged over Twitter hack
hacking

British teenager charged over Twitter hack

3 Aug 2020
Mid-year report says vulnerabilities up 22% in 2020
hacking

Mid-year report says vulnerabilities up 22% in 2020

30 Jul 2020
BlackRock banking Trojan targets Android apps
trojans

BlackRock banking Trojan targets Android apps

27 Jul 2020

Most Popular

How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

3 Aug 2020
How to use Chromecast without Wi-Fi
Mobile

How to use Chromecast without Wi-Fi

4 Aug 2020
How do you build a great customer experience?
Sponsored

How do you build a great customer experience?

20 Jul 2020