New study shows UK workers are significantly lacking in cyber awareness and could be leaving themselves at risk
A new study has revealed that the majority of UK workers are not Cyber Savvy and have failed a Cyber IQ test, which was compiled by experts at internet security firm ESET.
Study participants were asked a range of basic to intermediate questions around cybercrime and security awareness; however the majority of the questions were answered incorrectly. For instance, when respondents were asked if it is true that cyber criminals attack mobile devices in the same way they attack laptops and PCs, 12 percent said no and 46 percent were not sure. When respondents were asked what ‘vishing’ is 35 percent were not sure, while 26 percent thought it was a scam that came in via text message.
Other findings from the study revealed that:
- Reassuringly 87 percent of respondents knew what phishing is
- 23 percent thought that by having antivirus software installed they are fully protected and can surf the internet safely
- Only 29 percent of respondents understood that passwords need to be complex in order to be effective
- 16 percent felt that if they didn’t visit shady sites they have no reason to be careful when using the internet
- Encouraging only 5 percent of respondents thought that paying a ransomware fine was their only option
- Only 28 percent of respondents know that IoT stands for Internet of Things
Commenting on the study findings, Mark James, security expert at ESET, said: “Phishing is without a doubt one of the biggest threats to consumers so it is very reassuring to see that the majority are aware of the threat. However, consumers need to understand that antivirus is only part of the solution, they also need to be careful where they click. Cybercriminals are constantly revolutionising threats to make them even harder to detect and you can never been 100% secure. Consumers must also be aware that cybercriminals target mainstream, popular consumer websites just as frequently as they do illicit sites. Cybercrime is a business and hackers know that they have a bigger return on investment hitting sites that have high numbers of visitors. Consumers should always treat the internet with caution and never click on links or visit sites which seem suspicious.”
The more difficult questions in the study asked if respondents could identify what a DDoS attack was, however only 26 percent of respondents were able to answer correctly. In addition to this, when participants were asked which WiFi standard was generally most secure, 70 percent of respondents did not know and only 18 percent chose the correct answer.
“Our study has shown that consumers are still very behind in terms of cyber awareness and could be putting themselves, and the organisations they work for, at risk. There are many security issues which are more targeted at businesses; however consumers should have a good understanding of the threats that target them. Cybercriminals are constantly looking at ways to exploit mobile devices and consumers should be aware of this. By not having the proper security standard enabled on their router, consumers could be unknowingly opening their home network to threats. Vishing is a new phenomenon and people are losing millions of pounds through the scam, this is a particularly nasty threat which consumers should definitely be aware of,” continued James.
Other findings from the study showed that despite Wales doing so well in the rugby, they certainly need some lessons in cyber. Participants from Wales fared the worst in the survey with 31 percent of respondents thinking IoT stood for Internet of Technology, 20 percent not knowing what phishing is and only 29 percent of respondents realising that mobiles can be targeted by cybercriminals in the same way as computers and laptops.