Lazy attitudes and tech demands are a post-pandemic cybersecurity fear
Time spent at home and a raft of new apps will combine to a security nightmare.
The mass migration of work from physical offices to online platforms combined with tech fatigue could create a perfect storm that could make hackers’ jobs easier to leverage access to accounts, a new survey by IBM has warned.
A global survey of 22,000 people across 22 markets, conducted by Morning Consult on behalf of IBM Security, identified a number of deleterious effects of the pandemic on consumer security behaviour. The changes spotted could leave people sitting ducks to become victims of hacks if we’re not careful. As more and more of our lives shift online, the challenge for users to stay safe in an ocean full of hacking sharks looking to attack becomes increasingly difficult.
The average user created 15 new online accounts during the pandemic – the equivalent of “billions” of new vulnerable accounts for hackers to cherry pick from, warned IBM. “With 44% reporting that they do not plan to delete or deactivate these new accounts, these consumers will have an increased digital footprint for years to come, greatly expanding the attack surface for cybercriminals,” they said.
Passwords become scrappier
The sheer volume of accounts the average user has to juggle is causing individuals to take shortcuts to make their lives easier – but alongside that, opens the door to prolific hackers to more easily crack open defences, the IT firm warns.
82% of respondents admitted to reusing credentials at least some of the time, with many new accounts using log in details that have already been breached before.
“The pandemic led to a surge in new online accounts, but society's growing preference for digital convenience may come at a cost to security and data privacy,” said Charles Henderson, Global Managing Partner and Head of IBM Security X-Force.
“Organisations must now consider the effects of this digital dependence on their security risk profile,” added Henderson. “With passwords becoming less and less reliable, one way that organizations can adapt, beyond multi-factor authentication, is shifting to a zero-trust approach – applying advanced AI and analytics throughout the process to spot potential threats, rather than assuming a user is trusted after authentication.”
Convenience is king
The increasing number of login details circling around people’s heads makes it more important that companies make it as easy as possible to ensure that they can access accounts. According to the IBM survey, 59% of adults now expect to spend less than five minutes setting up a new digital account – meaning they’re more likely to treat their security for that account more casually.
When it comes to remembering passwords, almost as many people – 32% of people – write down their passwords on paper, a highly insecure method of storing secret data, as they do storing it in their memory.
In all, 44% of respondents store online account information in their memory.
Globally, respondents to IBM’s survey self-reported that they would attempt logging in three or four times before selecting the option to reset their password. “These resets not only cost companies’ money, but they can also pose security threats if used in combination with an already compromised email account,” IBM says.
However, respondents are starting to recognise the importance of their cybersecurity. Two-thirds of respondents to the survey said they had used multi-factor authentication within a few weeks of being surveyed. Encouraging behaviour like that – which doubles up on the security of accounts from falling victim to hacks or brute force attacks – could well become the key way to head off the perfect storm we’re currently sailing into.