Cyberattacks continue to be a very important problem for companies to be aware of, but a large proportion of attacks still occur because, in some way, mistakes were made.
According to a recent study by Mimecast, around 95% of attacks that led to data breaches in 2024 were carried out because of human error in the process. These failures occur even in companies that provide training to their employees on how to avoid and deal with this type of attack.
According to the study, more than 43% of attacks occurred due to internal company failures, in most cases by employees who inadvertently carried out some practice that led to the attack or the gateway to it.
The study also points out that some of the biggest ransomware attacks carried out last year were caused by internal security failures and carelessness on the part of employees or entities associated with them. The attack on Change Healthcare, one of the largest healthcare entities in the US, was an example of this, having occurred due to human error.
The attack in this case began with a phishing email, which was received by an employee and which inadvertently downloaded the malware contained in it. This allowed the company to steal access data to its internal systems, which allowed the attackers to steal a huge amount of personal data.
Fortunately, more and more companies are focusing on providing training for their employees to prevent them from being targeted by attacks. This includes regular classes and general training to ensure that employees are prepared to avoid these types of scams.
Although no system is completely impenetrable, training is certainly one of the gateways to preventing greater harm from happening. Companies also point out that they are making more investments in the area of AI, in order to implement more advanced security systems that can use AI to quickly prevent this type of attack.
The data, however, relates to the US market, and it would be interesting to analyze the same information in other countries, such as Portugal.
