Weak passwords allow hackers in

2014-05-26 08:36
Weak passwords allow hackers to easily compromise computers and steal personal information. (Duncan Alfreds, News24)

Weak passwords allow hackers to easily compromise computers and steal personal information. (Duncan Alfreds, News24)

Multimedia   ·   User Galleries   ·   News in Pictures Send us your pictures  ·  Send us your stories

kalahari.com

Cape Town - Weak passwords are one of the primary reasons that allow hackers to compromise passwords, says a security expert.

"People don't want to remember more than one password. It boils down to human nature - as long as you meet company policy, then you're okay," Andrew Kirkland, Trustwave regional director for Africa told News24.

The 2014 Trustwave Global Security Report found that weak passwords contributed to 31% of intrusions the company investigated in 2013.

The most commonly used password was "123456", followed by "123456789", "1234" and "password".

"It is a very big problem, and I'll tell you why: People are lazy. So if your company policy says to you that you've got to use a minimum of eight characters… users themselves, because they work for the company, they don't really care," said Kirkland.

Poor security habits

As news emerges from the US accusing Chinese officials of conducting a wide-ranging hacking campaign, it emerged that the alleged hackers used mundane deceptions to trick company officials into opening the "cyber door" to intruders.

According to the US Justice department, employees opened a number of attachments which installed malware on to internal networks.

Kirkland said that new computer users were unfamiliar with the dangers associated with being on the internet.

"I think that the general user out there who's being introduced to a computer, who's being introduced to social networking - they don't really understand the issues that it comes with."


Weak passwords allow hackers to easily compromise computers and steal personal information. (Duncan Alfreds, News24)

Kirkland said that poor security habits at work would evolve into similar private habits, especially as more people used websites and platforms which required password access.

"For me the most scary part of that is that '123456' becomes the password not only in your corporate environment, but it becomes our password in multiple sites. These people tend to want to only remember one password and use that password across their entire personal landscape, including their corporate environment."

US online giant eBay reported that up to 145 million users were potentially affected by a hacking breach that compromised user names, passwords and other personal data, though the company insisted that credit card numbers were not affected.

Spear Phishing

Trustwave said that computer users sometimes wrote passwords down or stored them in an unencrypted form.

"The first thing that stands out for me is education. Every company should take the responsibility to educate their employees about security - not only about meeting company policy - but about security in general so they have a habit: They apply the same principle when they go home," said Kirkland.

He added that companies tested their systems as the report found that 71% of breached firms do not detect the break-in themselves.


Spam is the primary method of delivering malware. (Duncan Alfreds, News24)

Trustwave also said that at least a quarter of internet users had identical usernames and passwords for multiple sites. Potentially, this makes it easy for cyber criminals, especially when they are targeting specific individuals in what is known as Spear Phishing.

Attackers using this method will tailor their deception so that the victim believes the communication to be genuine.

At least 59% of spam contained malicious attachment and 41% contained links that were designed to compromise a computer.

Some of the most common subject lines include: "Some Important Information is missing"; "Bank Statement. Please read"; "Important - Payment Overdue", Trustwave said in its report.

"Until we as a worldwide community understand that what this means, I think it's going to be very difficult to try and get rid of this problem," said Kirkland.


- Follow Duncan on Twitter
- News24

Read more on:    trustwave  |  internet  |  cybercrime
NEXT ON NEWS24X

SHARE:

Read News24’s Comments Policy

24.com publishes all comments posted on articles provided that they adhere to our Comments Policy. Should you wish to report a comment for editorial review, please do so by clicking the 'Report Comment' button to the right of each comment.

Comment on this story
1 comment
Add your comment
Comment 0 characters remaining
 

Inside News24

 
/Movies
 
Traffic
Lottery
 
  • Thursday Cape Town - 05:39 AM
    Road name: MetroRail
    Due to extensive vandalism and criminal activity there are NO trains and NO replacement Bus Services between Nyanga/Chris Hani and Nyanga/Kapteinsklip
  • Wednesday Montague Gardens - 19:58 PM
    Road name: Montague Drive
    ROADWORKS - lane closures both directions for BRT lane construction - expect DELAYS
 
More traffic reports...
 

Jobs in Cape Town [change area]

Property [change area]

Travel - Look, Book, Go!

Magical Massinga

Spend 5 nights at the gorgeous Massinga Beach Lodge in Mozambique and only pay for 4 from R13 220 per person sharing. Includes return flights, accommodation, transfers and romantic turndown. Book now!

Kalahari.com - shop online today

Up to 60% off - clearance sale!

Save up to 60% on appliances, books, electronics, toys, movies and more. Offer valid while stocks last. Shop now!

Deal of the Week!

Get bestselling John Green novels now just R99 each! Hurry and get yours while stocks last. Shop here.

Mind blowing deals on beauty & fragrances

Save up to 30% off beauty and fragrances. Offer valid while stocks last. Shop now!

Up to 50% off hair care products!

Save up to 50% on professional hair care products at kalahari.com. Offer valid while stocks last. Shop now!

30% off academic books

Score a mind blowing 30% off academic books! Offer valid while stocks last. Shop now!

OLX Free Classifieds [change area]

Samsung Galaxy s4

Mobile, Cell Phones in South Africa, Western Cape, Cape Town. Date October 24

Best bargain in big bay

Real Estate, Houses - Apartments for Sale in South Africa, Western Cape, Cape Town. Date October 25

VW Golf 6, 1.6 Trendline (Excellent condition)

Vehicles, Cars in South Africa, Western Cape, Cape Town. Date October 25

BlackBerry Curve 9360

The BlackBerry Curve 9360 smartphone comes preloaded with Blackberry OS7...

From R1455.70

I'm shopping for:

Horoscopes
Aquarius
Aquarius

It is the end of the month and there may be a strong focus on organising finances. You may have found a need to reconstruct or...read more

There are new stories on the homepage. Click here to see them.
 
English
Afrikaans
isiZulu

Hello 

Create Profile

Creating your profile will enable you to submit photos and stories to get published on News24.


Please provide a username for your profile page:

This username must be unique, cannot be edited and will be used in the URL to your profile page across the entire 24.com network.

Settings

Location Settings

News24 allows you to edit the display of certain components based on a location. If you wish to personalise the page based on your preferences, please select a location for each component and click "Submit" in order for the changes to take affect.








Facebook Sign-In

Hi News addict,

Join the News24 Community to be involved in breaking the news.

Log in with Facebook to comment and personalise news, weather and listings.