VTA-00449 – Human Error Leads to Customer Details Data Leak on VirusTotal
According to the IBM Cyber Security Intelligence Index Report, June 2022, 95% of cybersecurity breaches are caused by human error. A compelling example illustrating the gravity of human error in cybersecurity is the recent incident that took place on the VirusTotal platform. On June 29, an employee inadvertently uploaded a CSV file containing limited information of Premium account customers. The unintended exposure included company names, associated VirusTotal group names, and email addresses of group administrators. Although the company acted swiftly to rectify the situation, this incident underscored the potential consequences of human error in compromising sensitive data. It is crucial to note that no cyber-attack or malicious intent was involved, demonstrating that seemingly innocuous actions can still lead to significant security breaches.
Human error in cybersecurity arises from a variety of factors, including lapses in judgment, lack of awareness, inadequate training, and misdelivery. Employees may accidentally click on phishing links, share passwords, mishandle sensitive data, or fall victim to social engineering tactics, inadvertently granting unauthorized access to cybercriminals. Misdelivery, including sending information to the wrong recipient, is one of the most common causes of all cybersecurity breaches. Email services often auto-suggest an email address to increase the user’s convenience, which increases the risk of sending an email to the wrong person if not carefully checked.
Another prevalent reason for a cybersecurity breach is weak password practices, which are extremely popular and, therefore, easy to guess. Additionally, 45% of users keep reusing their passwords across various services, further exacerbating the risk of unauthorized access. Furthermore, users often save these passwords in a careless manner, making it easier for unauthorized individuals to gain access.
MITRE Engage Tactics:
MITRE Engage Techniques:
Technical Impact Analysis:
Loss of Accountability, Loss of Confidentiality
Business Impact Analysis:
Financial Damage, Privacy Violation, Reputation Damage
SuperPRO’s Threat Countermeasures Procedures:
1. Subscribe to CODERED ASM, an External Attack Surface Management service that helps organizations identify and mitigate exposure risks associated with their external attack surface.
2. Provide comprehensive training and awareness about common threats, best practices, and potential consequences of human error.
3. Implement employee privilege control to reduce the risk of unauthorized access and potential mishandling of sensitive information.
4. Enforce strong password policies that mandate the use of complex passwords.
5. Develop a comprehensive incident response plan that outlines the steps to be taken in case of a data breach caused by human error.
6. Enable two-factor authentication for all of your online accounts that offer it.
Contributed by: ZheAn